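package org.bouncycastle.asn1.x509;

import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERSequence;

/**
 * The extendedKeyUsage object.
 * <pre>
 *      extendedKeyUsage ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
 * </pre>
 * <p>
 * The SIZE (1..MAX) bound is not enforced by this class: an empty sequence,
 * or an empty KeyPurposeId array or Vector, is accepted and yields an object
 * for which {@link #size()} is 0 and {@link #hasKeyPurposeId} is always false.
 * Code that relies on this extension to restrict what a key may be used for
 * should check for the empty case itself.
 */
public class ExtendedKeyUsage
    extends ASN1Object
{
    // Lookup index over the elements of seq; each element is stored as both key and value.
    // Elements that compare equal collapse into a single entry.
    Hashtable usageTable = new Hashtable();
    // The elements in their original order, duplicates included.
    ASN1Sequence seq;

    /**
     * Return an ExtendedKeyUsage from the passed in tagged object.
     *
     * @param obj the tagged object containing the ExtendedKeyUsage
     * @param explicit true if the tagged object should be interpreted as explicitly tagged, false if implicit.
     * @return the ExtendedKeyUsage contained.
     */
    public static ExtendedKeyUsage getInstance(
        ASN1TaggedObject obj,
        boolean          explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Return an ExtendedKeyUsage from the passed in object.
     *
     * @param obj an ExtendedKeyUsage, some form or encoding of one, or null.
     * @return an ExtendedKeyUsage object, or null if null is passed in.
     * @throws IllegalArgumentException if the decoded sequence contains an element
     *         that is not an object identifier.
     */
    public static ExtendedKeyUsage getInstance(
        Object obj)
    {
        if (obj instanceof ExtendedKeyUsage)
        {
            return (ExtendedKeyUsage)obj;
        }
        else if (obj != null)
        {
            return new ExtendedKeyUsage(ASN1Sequence.getInstance(obj));
        }

        return null;
    }

    /**
     * Retrieve an ExtendedKeyUsage for a passed in Extensions object, if present.
     * <p>
     * A null result only means that no extendedKeyUsage extension was found; it says
     * nothing about which purposes are permitted, and callers have to decide how to
     * treat that case.
     *
     * @param extensions the extensions object to be examined, may be null.
     * @return the ExtendedKeyUsage, null if the extension is not present or extensions is null.
     */
    public static ExtendedKeyUsage fromExtensions(Extensions extensions)
    {
        // A caller may hold a null Extensions reference when the enclosing structure
        // carries no extensions at all; report "not present" instead of failing with
        // a NullPointerException.
        if (extensions == null)
        {
            return null;
        }

        return ExtendedKeyUsage.getInstance(extensions.getExtensionParsedValue(Extension.extendedKeyUsage));
    }

    /**
     * Base constructor, from a single KeyPurposeId.
     *
     * @param usage the keyPurposeId to be included.
     */
    public ExtendedKeyUsage(
        KeyPurposeId  usage)
    {
        this.seq = new DERSequence(usage);

        this.usageTable.put(usage, usage);
    }

    /**
     * Build an ExtendedKeyUsage from a decoded sequence, indexing every element for lookup.
     * The sequence may be empty; see the class comment.
     *
     * @param seq the sequence of key purpose object identifiers.
     * @throws IllegalArgumentException if an element's primitive form is not an ASN1ObjectIdentifier.
     */
    private ExtendedKeyUsage(
        ASN1Sequence  seq)
    {
        this.seq = seq;

        Enumeration e = seq.getObjects();

        while (e.hasMoreElements())
        {
            ASN1Encodable o = (ASN1Encodable)e.nextElement();
            // Reject anything that is not an OID before it reaches the lookup table.
            if (!(o.toASN1Primitive() instanceof ASN1ObjectIdentifier))
            {
                throw new IllegalArgumentException("Only ASN1ObjectIdentifiers allowed in ExtendedKeyUsage.");
            }
            this.usageTable.put(o, o);
        }
    }

    /**
     * Base constructor, from multiple KeyPurposeIds.
     *
     * @param usages an array of KeyPurposeIds. An empty array is accepted and produces
     *               an empty sequence.
     */
    public ExtendedKeyUsage(
        KeyPurposeId[]  usages)
    {
        ASN1EncodableVector v = new ASN1EncodableVector();

        for (int i = 0; i != usages.length; i++)
        {
            v.add(usages[i]);
            this.usageTable.put(usages[i], usages[i]);
        }

        this.seq = new DERSequence(v);
    }

    /**
     * Constructor from a Vector of key purposes; each element is converted with
     * KeyPurposeId.getInstance() before being added.
     *
     * @param usages the key purposes to be included.
     * @deprecated use KeyPurposeId[] constructor.
     */
    public ExtendedKeyUsage(
        Vector usages)
    {
        ASN1EncodableVector v = new ASN1EncodableVector();
        Enumeration         e = usages.elements();

        while (e.hasMoreElements())
        {
            KeyPurposeId o = KeyPurposeId.getInstance(e.nextElement());

            v.add(o);
            this.usageTable.put(o, o);
        }

        this.seq = new DERSequence(v);
    }

    /**
     * Return true if this ExtendedKeyUsage object contains the passed in keyPurposeId.
     * <p>
     * This is a plain membership test against the listed purposes: a purpose is reported
     * as present only if it appears in the sequence itself.
     *
     * @param keyPurposeId the KeyPurposeId of interest.
     * @return true if the keyPurposeId is present, false otherwise.
     */
    public boolean hasKeyPurposeId(
        KeyPurposeId keyPurposeId)
    {
        return (usageTable.get(keyPurposeId) != null);
    }

    /**
     * Returns all extended key usages.
     * <p>
     * The array is built from the underlying sequence, so its length is the number of
     * elements in the sequence and may exceed {@link #size()} when the sequence repeats
     * a purpose.
     *
     * @return An array with all key purposes.
     */
    public KeyPurposeId[] getUsages()
    {
        KeyPurposeId[] temp = new KeyPurposeId[seq.size()];

        int i = 0;
        for (Enumeration it = seq.getObjects(); it.hasMoreElements();)
        {
            temp[i++] = KeyPurposeId.getInstance(it.nextElement());
        }
        return temp;
    }

    /**
     * Return the number of KeyPurposeIds present in this ExtendedKeyUsage.
     * <p>
     * The count comes from the lookup table rather than the sequence, so purposes that
     * compare equal are counted once.
     *
     * @return the number of KeyPurposeIds
     */
    public int size()
    {
        return usageTable.size();
    }

    /**
     * Return the ASN.1 primitive form of this object.
     *
     * @return an ASN1Sequence.
     */
    public ASN1Primitive toASN1Primitive()
    {
        return seq;
    }
}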