151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/*
2d7819a81f8b1b8d1a6b26329e4aa5f046afbf1f6Kenny Root * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it
651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as
751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation.  Oracle designates this
851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided
951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code.
1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT
1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that
1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code).
1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version
1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation,
1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any
2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions.
2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */
2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage sun.security.x509;
2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.IOException;
2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.OutputStream;
3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.*;
3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.DerValue;
3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.DerOutputStream;
3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/**
3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This class defines the certificate policies extension which specifies the
3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * policies under which the certificate has been issued
3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * and the purposes for which the certificate may be used.
3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Applications with specific policy requirements are expected to have a
4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * list of those policies which they will accept and to compare the
4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * policy OIDs in the certificate to that list.  If this extension is
4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * critical, the path validation software MUST be able to interpret this
4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * extension (including the optional qualifier), or MUST reject the
4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificate.
4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Optional qualifiers are not supported in this implementation, as they are
4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * not recommended by RFC2459.
4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The ASN.1 syntax for this is (IMPLICIT tagging is defined in the
5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * module definition):
5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <pre>
5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * id-ce-certificatePolicies OBJECT IDENTIFIER ::=  { id-ce 32 }
5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * PolicyInformation ::= SEQUENCE {
5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *      policyIdentifier   CertPolicyId,
5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *      policyQualifiers   SEQUENCE SIZE (1..MAX) OF
6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *                              PolicyQualifierInfo OPTIONAL }
6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * CertPolicyId ::= OBJECT IDENTIFIER
6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * </pre>
6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Anne Anderson
6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @since       1.4
6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Extension
6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertAttrSet
6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */
6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic class CertificatePoliciesExtension extends Extension
7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimplements CertAttrSet<String> {
7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Identifier for this attribute, to be used with the
7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * get, set, delete methods of Certificate, x509 type.
7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public static final String IDENT = "x509.info.extensions.CertificatePolicies";
7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Attribute names.
7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public static final String NAME = "CertificatePolicies";
8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public static final String POLICIES = "policies";
8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * List of PolicyInformation for this object.
8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    private List<PolicyInformation> certPolicies;
8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    // Encode this extension value.
8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    private void encodeThis() throws IOException {
8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (certPolicies == null || certPolicies.isEmpty()) {
9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            this.extensionValue = null;
9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        } else {
9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            DerOutputStream os = new DerOutputStream();
9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            DerOutputStream tmp = new DerOutputStream();
9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            for (PolicyInformation info : certPolicies) {
9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                info.encode(tmp);
9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            }
9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            os.write(DerValue.tag_Sequence, tmp);
10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            this.extensionValue = os.toByteArray();
10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Create a CertificatePoliciesExtension object from
10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * a List of PolicyInformation; the criticality is set to false.
10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param certPolicies the List of PolicyInformation.
10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public CertificatePoliciesExtension(List<PolicyInformation> certPolicies)
11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    throws IOException {
11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        this(Boolean.FALSE, certPolicies);
11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Create a CertificatePoliciesExtension object from
11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * a List of PolicyInformation with specified criticality.
11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param critical true if the extension is to be treated as critical.
12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param certPolicies the List of PolicyInformation.
12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public CertificatePoliciesExtension(Boolean critical,
12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            List<PolicyInformation> certPolicies) throws IOException {
12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        this.certPolicies = certPolicies;
12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        this.extensionId = PKIXExtensions.CertificatePolicies_Id;
12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        this.critical = critical.booleanValue();
12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        encodeThis();
12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Create the extension from its DER encoded value and criticality.
13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param critical true if the extension is to be treated as critical.
13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param value an array of DER encoded bytes of the actual value.
13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @exception ClassCastException if value is not an array of bytes
13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @exception IOException on error.
13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public CertificatePoliciesExtension(Boolean critical, Object value)
13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    throws IOException {
14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        this.extensionId = PKIXExtensions.CertificatePolicies_Id;
14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        this.critical = critical.booleanValue();
14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        this.extensionValue = (byte[]) value;
14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        DerValue val = new DerValue(this.extensionValue);
14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (val.tag != DerValue.tag_Sequence) {
14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            throw new IOException("Invalid encoding for " +
14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                                   "CertificatePoliciesExtension.");
14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        certPolicies = new ArrayList<PolicyInformation>();
14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        while (val.data.available() != 0) {
15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            DerValue seq = val.data.getDerValue();
15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            PolicyInformation policy = new PolicyInformation(seq);
15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            certPolicies.add(policy);
15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Return the extension as user readable string.
15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public String toString() {
16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (certPolicies == null) {
16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            return "";
16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        StringBuilder sb = new StringBuilder(super.toString());
16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        sb.append("CertificatePolicies [\n");
16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        for (PolicyInformation info : certPolicies) {
16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            sb.append(info.toString());
16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        sb.append("]\n");
16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        return sb.toString();
17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Write the extension to the DerOutputStream.
17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param out the DerOutputStream to write the extension to.
17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @exception IOException on encoding errors.
17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public void encode(OutputStream out) throws IOException {
17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        DerOutputStream tmp = new DerOutputStream();
18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (extensionValue == null) {
18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski          extensionId = PKIXExtensions.CertificatePolicies_Id;
18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski          critical = false;
18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski          encodeThis();
18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        super.encode(tmp);
18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        out.write(tmp.toByteArray());
18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Set the attribute value.
19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
192d7819a81f8b1b8d1a6b26329e4aa5f046afbf1f6Kenny Root    @SuppressWarnings("unchecked") // Checked with an instanceof check
19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public void set(String name, Object obj) throws IOException {
19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (name.equalsIgnoreCase(POLICIES)) {
19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            if (!(obj instanceof List)) {
19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                throw new IOException("Attribute value should be of type List.");
19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            }
19851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            certPolicies = (List<PolicyInformation>)obj;
19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        } else {
20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski          throw new IOException("Attribute name [" + name +
20151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                                "] not recognized by " +
20251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                                "CertAttrSet:CertificatePoliciesExtension.");
20351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
20451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        encodeThis();
20551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Get the attribute value.
20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
210d7819a81f8b1b8d1a6b26329e4aa5f046afbf1f6Kenny Root    public List<PolicyInformation> get(String name) throws IOException {
21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (name.equalsIgnoreCase(POLICIES)) {
21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            //XXXX May want to consider cloning this
21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            return certPolicies;
21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        } else {
21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski          throw new IOException("Attribute name [" + name +
21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                                "] not recognized by " +
21751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                                "CertAttrSet:CertificatePoliciesExtension.");
21851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
22151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Delete the attribute value.
22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public void delete(String name) throws IOException {
22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (name.equalsIgnoreCase(POLICIES)) {
22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            certPolicies = null;
22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        } else {
22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski          throw new IOException("Attribute name [" + name +
22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                                "] not recognized by " +
23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                                "CertAttrSet:CertificatePoliciesExtension.");
23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        encodeThis();
23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Return an enumeration of names of attributes existing within this
23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * attribute.
23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public Enumeration<String> getElements() {
24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        AttributeNameEnumeration elements = new AttributeNameEnumeration();
24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        elements.addElement(POLICIES);
24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        return (elements.elements());
24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Return the name of this attribute.
24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public String getName() {
25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        return (NAME);
25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski}
253