151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage sun.security.x509; 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.IOException; 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.OutputStream; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Enumeration; 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.*; 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/** 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Represent the Key Usage Extension. 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>This extension, if present, defines the purpose (e.g., encipherment, 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * signature, certificate signing) of the key contained in the certificate. 3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The usage restriction might be employed when a multipurpose key is to be 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * restricted (e.g., when an RSA key should be used only for signing or only 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * for key encipherment). 4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Amit Kapoor 4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Hemma Prafullchandra 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Extension 4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertAttrSet 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic class KeyUsageExtension extends Extension 4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimplements CertAttrSet<String> { 5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Identifier for this attribute, to be used with the 5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * get, set, delete methods of Certificate, x509 type. 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String IDENT = "x509.info.extensions.KeyUsage"; 5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Attribute names. 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String NAME = "KeyUsage"; 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String DIGITAL_SIGNATURE = "digital_signature"; 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String NON_REPUDIATION = "non_repudiation"; 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String KEY_ENCIPHERMENT = "key_encipherment"; 6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String DATA_ENCIPHERMENT = "data_encipherment"; 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String KEY_AGREEMENT = "key_agreement"; 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String KEY_CERTSIGN = "key_certsign"; 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String CRL_SIGN = "crl_sign"; 6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String ENCIPHER_ONLY = "encipher_only"; 6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String DECIPHER_ONLY = "decipher_only"; 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Private data members 7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private boolean[] bitString; 7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Encode this extension value 7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private void encodeThis() throws IOException { 7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream os = new DerOutputStream(); 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski os.putTruncatedUnalignedBitString(new BitArray(this.bitString)); 7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = os.toByteArray(); 7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Check if bit is set. 8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param position the position in the bit string to check. 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private boolean isSet(int position) { 8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return bitString[position]; 8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Set the bit at the specified position. 9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private void set(int position, boolean val) { 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // enlarge bitString if necessary 9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (position >= bitString.length) { 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski boolean[] tmp = new boolean[position+1]; 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski System.arraycopy(bitString, 0, tmp, 0, bitString.length); 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski bitString = tmp; 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski bitString[position] = val; 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create a KeyUsageExtension with the passed bit settings. The criticality 10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is set to true. 10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param bitString the bits to be set for the extension. 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension(byte[] bitString) throws IOException { 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.bitString = 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski new BitArray(bitString.length*8,bitString).toBooleanArray(); 11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = true; 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create a KeyUsageExtension with the passed bit settings. The criticality 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is set to true. 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param bitString the bits to be set for the extension. 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension(boolean[] bitString) throws IOException { 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.bitString = bitString; 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = true; 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create a KeyUsageExtension with the passed bit settings. The criticality 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is set to true. 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param bitString the bits to be set for the extension. 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension(BitArray bitString) throws IOException { 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.bitString = bitString.toBooleanArray(); 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = true; 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create the extension from the passed DER encoded value of the same. 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The DER encoded value may be wrapped in an OCTET STRING. 14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param critical true if the extension is to be treated as critical. 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param value an array of DER encoded bytes of the actual value (possibly 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * wrapped in an OCTET STRING). 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception ClassCastException if value is not an array of bytes 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception IOException on error. 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension(Boolean critical, Object value) 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws IOException { 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = critical.booleanValue(); 15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /* 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The following check should be activated again after 15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the PKIX profiling work becomes standard and the check 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is not a barrier to interoperability ! 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * if (!this.critical) { 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * throw new IOException("KeyUsageExtension not marked critical," 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * + " invalid profile."); 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * } 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski byte[] extValue = (byte[]) value; 16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (extValue[0] == DerValue.tag_OctetString) { 16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = new DerValue(extValue).getOctetString(); 16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = extValue; 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerValue val = new DerValue(this.extensionValue); 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.bitString = val.getUnalignedBitString().toBooleanArray(); 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create a default key usage. 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension() { 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski extensionId = PKIXExtensions.KeyUsage_Id; 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski critical = true; 18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski bitString = new boolean[0]; 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Set the attribute value. 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void set(String name, Object obj) throws IOException { 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (!(obj instanceof Boolean)) { 18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute must be of type Boolean."); 19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski boolean val = ((Boolean)obj).booleanValue(); 19251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { 19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(0,val); 19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { 19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(1,val); 19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { 19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(2,val); 19851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { 19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(3,val); 20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { 20151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(4,val); 20251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { 20351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(5,val); 20451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(CRL_SIGN)) { 20551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(6,val); 20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { 20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(7,val); 20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { 20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(8,val); 21051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by" 21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + " CertAttrSet:KeyUsage."); 21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 21751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 21851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Get the attribute value. 21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public Object get(String name) throws IOException { 22151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { 22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(0)); 22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { 22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(1)); 22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { 22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(2)); 22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { 22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(3)); 22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { 23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(4)); 23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { 23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(5)); 23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(CRL_SIGN)) { 23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(6)); 23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { 23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(7)); 23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { 23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(8)); 23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by" 24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + " CertAttrSet:KeyUsage."); 24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Delete the attribute value. 24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void delete(String name) throws IOException { 24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { 25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(0,false); 25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { 25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(1,false); 25351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { 25451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(2,false); 25551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { 25651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(3,false); 25751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { 25851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(4,false); 25951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { 26051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(5,false); 26151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(CRL_SIGN)) { 26251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(6,false); 26351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { 26451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(7,false); 26551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { 26651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(8,false); 26751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 26851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by" 26951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + " CertAttrSet:KeyUsage."); 27051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 27151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 27251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 27351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 27451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 27551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns a printable representation of the KeyUsage. 27651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 27751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String toString() { 27851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski String s = super.toString() + "KeyUsage [\n"; 27951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 28051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 28151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(0)) { 28251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " DigitalSignature\n"; 28351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 28451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(1)) { 28551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " Non_repudiation\n"; 28651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 28751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(2)) { 28851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " Key_Encipherment\n"; 28951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 29051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(3)) { 29151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " Data_Encipherment\n"; 29251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 29351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(4)) { 29451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " Key_Agreement\n"; 29551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 29651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(5)) { 29751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " Key_CertSign\n"; 29851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 29951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(6)) { 30051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " Crl_Sign\n"; 30151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 30251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(7)) { 30351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " Encipher_Only\n"; 30451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 30551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isSet(8)) { 30651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " Decipher_Only\n"; 30751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 30851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } catch (ArrayIndexOutOfBoundsException ex) {} 30951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 31051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += "]\n"; 31151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 31251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (s); 31351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 31451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 31551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 31651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Write the extension to the DerOutputStream. 31751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 31851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param out the DerOutputStream to write the extension to. 31951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception IOException on encoding errors. 32051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 32151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void encode(OutputStream out) throws IOException { 32251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream tmp = new DerOutputStream(); 32351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 32451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (this.extensionValue == null) { 32551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 32651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = true; 32751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 32851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 32951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski super.encode(tmp); 33051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski out.write(tmp.toByteArray()); 33151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 33251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 33351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 33451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return an enumeration of names of attributes existing within this 33551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * attribute. 33651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 33751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public Enumeration<String> getElements() { 33851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski AttributeNameEnumeration elements = new AttributeNameEnumeration(); 33951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(DIGITAL_SIGNATURE); 34051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(NON_REPUDIATION); 34151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(KEY_ENCIPHERMENT); 34251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(DATA_ENCIPHERMENT); 34351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(KEY_AGREEMENT); 34451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(KEY_CERTSIGN); 34551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(CRL_SIGN); 34651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(ENCIPHER_ONLY); 34751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(DECIPHER_ONLY); 34851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 34951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (elements.elements()); 35051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 35151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 35251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 35351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public boolean[] getBits() { 35451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return bitString.clone(); 35551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 35651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 35751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 35851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return the name of this attribute. 35951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 36051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String getName() { 36151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (NAME); 36251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 36351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 364