151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage sun.security.x509; 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.IOException; 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.OutputStream; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Enumeration; 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.*; 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/** 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This class represents the Basic Constraints Extension. 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>The basic constraints extension identifies whether the subject of the 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificate is a CA and how deep a certification path may exist 3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * through that CA. 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <pre> 4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The ASN.1 syntax for this extension is: 4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * BasicConstraints ::= SEQUENCE { 4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * cA BOOLEAN DEFAULT FALSE, 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * pathLenConstraint INTEGER (0..MAX) OPTIONAL 4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * } 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * </pre> 4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Amit Kapoor 4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Hemma Prafullchandra 5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertAttrSet 5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Extension 5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic class BasicConstraintsExtension extends Extension 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimplements CertAttrSet<String> { 5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Identifier for this attribute, to be used with the 5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * get, set, delete methods of Certificate, x509 type. 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String IDENT = "x509.info.extensions.BasicConstraints"; 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Attribute names. 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String NAME = "BasicConstraints"; 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String IS_CA = "is_ca"; 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String PATH_LEN = "path_len"; 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Private data members 6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private boolean ca = false; 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private int pathLen = -1; 7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Encode this extension value 7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private void encodeThis() throws IOException { 7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream out = new DerOutputStream(); 7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream tmp = new DerOutputStream(); 7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (ca) { 7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski tmp.putBoolean(ca); 7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Only encode pathLen when ca == true 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (pathLen >= 0) { 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski tmp.putInteger(pathLen); 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski out.write(DerValue.tag_Sequence, tmp); 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = out.toByteArray(); 8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Default constructor for this object. The extension is marked 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * critical if the ca flag is true, false otherwise. 9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param ca true, if the subject of the Certificate is a CA. 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param len specifies the depth of the certification path. 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public BasicConstraintsExtension(boolean ca, int len) throws IOException { 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this(Boolean.valueOf(ca), ca, len); 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Constructor for this object with specified criticality. 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param critical true, if the extension should be marked critical 10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param ca true, if the subject of the Certificate is a CA. 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param len specifies the depth of the certification path. 10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public BasicConstraintsExtension(Boolean critical, boolean ca, int len) 10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws IOException { 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.ca = ca; 10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.pathLen = len; 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.BasicConstraints_Id; 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = critical.booleanValue(); 11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create the extension from the passed DER encoded value of the same. 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param critical flag indicating if extension is critical or not 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param value an array containing the DER encoded bytes of the extension. 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception ClassCastException if value is not an array of bytes 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception IOException on error. 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public BasicConstraintsExtension(Boolean critical, Object value) 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws IOException 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski { 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.BasicConstraints_Id; 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = critical.booleanValue(); 12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = (byte[]) value; 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerValue val = new DerValue(this.extensionValue); 13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (val.tag != DerValue.tag_Sequence) { 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Invalid encoding of BasicConstraints"); 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (val.data == null || val.data.available() == 0) { 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // non-CA cert ("cA" field is FALSE by default), return -1 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return; 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerValue opt = val.data.getDerValue(); 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (opt.tag != DerValue.tag_Boolean) { 14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // non-CA cert ("cA" field is FALSE by default), return -1 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return; 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.ca = opt.getBoolean(); 14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (val.data.available() == 0) { 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // From PKIX profile: 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Where pathLenConstraint does not appear, there is no 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // limit to the allowed length of the certification path. 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.pathLen = Integer.MAX_VALUE; 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return; 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski opt = val.data.getDerValue(); 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (opt.tag != DerValue.tag_Integer) { 15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Invalid encoding of BasicConstraints"); 15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.pathLen = opt.getInteger(); 15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /* 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Activate this check once again after PKIX profiling 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is a standard and this check no longer imposes an 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * interoperability barrier. 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * if (ca) { 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * if (!this.critical) { 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * throw new IOException("Criticality cannot be false for CA."); 16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * } 16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * } 16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return user readable form of extension. 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String toString() { 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski String s = super.toString() + "BasicConstraints:[\n"; 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += ((ca) ? (" CA:true") : (" CA:false")) + "\n"; 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (pathLen >= 0) { 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " PathLen:" + pathLen + "\n"; 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s += " PathLen: undefined\n"; 18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (s + "]\n"); 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Encode this extension value to the output stream. 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param out the DerOutputStream to encode the extension to. 18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void encode(OutputStream out) throws IOException { 19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream tmp = new DerOutputStream(); 19251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (extensionValue == null) { 19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.BasicConstraints_Id; 19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (ca) { 19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski critical = true; 19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski critical = false; 19851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 20151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski super.encode(tmp); 20251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 20351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski out.write(tmp.toByteArray()); 20451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 20551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Set the attribute value. 20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void set(String name, Object obj) throws IOException { 21051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(IS_CA)) { 21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (!(obj instanceof Boolean)) { 21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute value should be of type Boolean."); 21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski ca = ((Boolean)obj).booleanValue(); 21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(PATH_LEN)) { 21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (!(obj instanceof Integer)) { 21751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute value should be of type Integer."); 21851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski pathLen = ((Integer)obj).intValue(); 22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 22151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by " + 22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski "CertAttrSet:BasicConstraints."); 22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Get the attribute value. 22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public Object get(String name) throws IOException { 23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(IS_CA)) { 23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (Boolean.valueOf(ca)); 23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(PATH_LEN)) { 23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (Integer.valueOf(pathLen)); 23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by " + 23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski "CertAttrSet:BasicConstraints."); 23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Delete the attribute value. 24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void delete(String name) throws IOException { 24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(IS_CA)) { 24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski ca = false; 24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(PATH_LEN)) { 24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski pathLen = -1; 24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by " + 25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski "CertAttrSet:BasicConstraints."); 25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 25351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 25451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 25551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 25651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 25751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return an enumeration of names of attributes existing within this 25851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * attribute. 25951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 26051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public Enumeration<String> getElements() { 26151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski AttributeNameEnumeration elements = new AttributeNameEnumeration(); 26251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(IS_CA); 26351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(PATH_LEN); 26451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 26551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (elements.elements()); 26651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 26751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 26851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 26951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return the name of this attribute. 27051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 27151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String getName() { 27251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (NAME); 27351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 27451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 275