151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 20310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage sun.security.x509; 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.IOException; 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.OutputStream; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Enumeration; 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.*; 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/** 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Represent the Key Usage Extension. 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>This extension, if present, defines the purpose (e.g., encipherment, 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * signature, certificate signing) of the key contained in the certificate. 3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The usage restriction might be employed when a multipurpose key is to be 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * restricted (e.g., when an RSA key should be used only for signing or only 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * for key encipherment). 4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Amit Kapoor 4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Hemma Prafullchandra 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Extension 4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertAttrSet 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic class KeyUsageExtension extends Extension 4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimplements CertAttrSet<String> { 5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Identifier for this attribute, to be used with the 5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * get, set, delete methods of Certificate, x509 type. 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String IDENT = "x509.info.extensions.KeyUsage"; 5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Attribute names. 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String NAME = "KeyUsage"; 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String DIGITAL_SIGNATURE = "digital_signature"; 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String NON_REPUDIATION = "non_repudiation"; 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String KEY_ENCIPHERMENT = "key_encipherment"; 6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String DATA_ENCIPHERMENT = "data_encipherment"; 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String KEY_AGREEMENT = "key_agreement"; 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String KEY_CERTSIGN = "key_certsign"; 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String CRL_SIGN = "crl_sign"; 6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String ENCIPHER_ONLY = "encipher_only"; 6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String DECIPHER_ONLY = "decipher_only"; 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Private data members 7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private boolean[] bitString; 7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Encode this extension value 7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private void encodeThis() throws IOException { 7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream os = new DerOutputStream(); 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski os.putTruncatedUnalignedBitString(new BitArray(this.bitString)); 7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = os.toByteArray(); 7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Check if bit is set. 8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param position the position in the bit string to check. 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private boolean isSet(int position) { 860310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro return (position < bitString.length) && 870310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro bitString[position]; 8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Set the bit at the specified position. 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private void set(int position, boolean val) { 9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // enlarge bitString if necessary 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (position >= bitString.length) { 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski boolean[] tmp = new boolean[position+1]; 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski System.arraycopy(bitString, 0, tmp, 0, bitString.length); 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski bitString = tmp; 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski bitString[position] = val; 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create a KeyUsageExtension with the passed bit settings. The criticality 10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is set to true. 10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param bitString the bits to be set for the extension. 10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension(byte[] bitString) throws IOException { 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.bitString = 11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski new BitArray(bitString.length*8,bitString).toBooleanArray(); 11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = true; 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create a KeyUsageExtension with the passed bit settings. The criticality 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is set to true. 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param bitString the bits to be set for the extension. 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension(boolean[] bitString) throws IOException { 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.bitString = bitString; 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = true; 12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create a KeyUsageExtension with the passed bit settings. The criticality 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is set to true. 13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param bitString the bits to be set for the extension. 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension(BitArray bitString) throws IOException { 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.bitString = bitString.toBooleanArray(); 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = true; 14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create the extension from the passed DER encoded value of the same. 14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The DER encoded value may be wrapped in an OCTET STRING. 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param critical true if the extension is to be treated as critical. 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param value an array of DER encoded bytes of the actual value (possibly 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * wrapped in an OCTET STRING). 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception ClassCastException if value is not an array of bytes 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception IOException on error. 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension(Boolean critical, Object value) 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws IOException { 15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = critical.booleanValue(); 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /* 15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The following check should be activated again after 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the PKIX profiling work becomes standard and the check 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is not a barrier to interoperability ! 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * if (!this.critical) { 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * throw new IOException("KeyUsageExtension not marked critical," 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * + " invalid profile."); 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * } 16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski byte[] extValue = (byte[]) value; 16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (extValue[0] == DerValue.tag_OctetString) { 16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = new DerValue(extValue).getOctetString(); 16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = extValue; 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerValue val = new DerValue(this.extensionValue); 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.bitString = val.getUnalignedBitString().toBooleanArray(); 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create a default key usage. 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public KeyUsageExtension() { 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski extensionId = PKIXExtensions.KeyUsage_Id; 18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski critical = true; 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski bitString = new boolean[0]; 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Set the attribute value. 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void set(String name, Object obj) throws IOException { 18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (!(obj instanceof Boolean)) { 19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute must be of type Boolean."); 19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 19251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski boolean val = ((Boolean)obj).booleanValue(); 19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { 19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(0,val); 19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { 19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(1,val); 19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { 19851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(2,val); 19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { 20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(3,val); 20151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { 20251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(4,val); 20351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { 20451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(5,val); 20551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(CRL_SIGN)) { 20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(6,val); 20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { 20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(7,val); 20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { 21051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(8,val); 21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by" 21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + " CertAttrSet:KeyUsage."); 21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 21751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 21851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Get the attribute value. 22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 22116bc14e36837b252ea6b696688cb29e867e7447fSergio Giro public Boolean get(String name) throws IOException { 22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { 22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(0)); 22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { 22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(1)); 22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { 22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(2)); 22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { 22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(3)); 23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { 23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(4)); 23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { 23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(5)); 23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(CRL_SIGN)) { 23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(6)); 23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { 23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(7)); 23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { 23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Boolean.valueOf(isSet(8)); 24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by" 24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + " CertAttrSet:KeyUsage."); 24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Delete the attribute value. 24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void delete(String name) throws IOException { 25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { 25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(0,false); 25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { 25351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(1,false); 25451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { 25551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(2,false); 25651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { 25751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(3,false); 25851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { 25951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(4,false); 26051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { 26151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(5,false); 26251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(CRL_SIGN)) { 26351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(6,false); 26451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { 26551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(7,false); 26651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { 26751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski set(8,false); 26851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 26951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by" 27051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + " CertAttrSet:KeyUsage."); 27151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 27251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 27351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 27451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 27551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 27651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns a printable representation of the KeyUsage. 27751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 27851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String toString() { 2790310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro StringBuilder sb = new StringBuilder(); 2800310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(super.toString()); 2810310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append("KeyUsage [\n"); 28251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2830310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(0)) { 2840310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" DigitalSignature\n"); 2850310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 2860310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(1)) { 2870310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" Non_repudiation\n"); 2880310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 2890310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(2)) { 2900310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" Key_Encipherment\n"); 2910310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 2920310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(3)) { 2930310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" Data_Encipherment\n"); 2940310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 2950310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(4)) { 2960310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" Key_Agreement\n"); 2970310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 2980310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(5)) { 2990310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" Key_CertSign\n"); 3000310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 3010310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(6)) { 3020310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" Crl_Sign\n"); 3030310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 3040310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(7)) { 3050310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" Encipher_Only\n"); 3060310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 3070310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro if (isSet(8)) { 3080310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append(" Decipher_Only\n"); 3090310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro } 3100310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro sb.append("]\n"); 31151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3120310e4db77a3eb2f0ff6a98af37f6ebd262014d3Sergio Giro return sb.toString(); 31351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 31451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 31551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 31651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Write the extension to the DerOutputStream. 31751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 31851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param out the DerOutputStream to write the extension to. 31951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception IOException on encoding errors. 32051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 32151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void encode(OutputStream out) throws IOException { 32251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream tmp = new DerOutputStream(); 32351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 32451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (this.extensionValue == null) { 32551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.KeyUsage_Id; 32651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = true; 32751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 32851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 32951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski super.encode(tmp); 33051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski out.write(tmp.toByteArray()); 33151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 33251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 33351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 33451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return an enumeration of names of attributes existing within this 33551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * attribute. 33651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 33751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public Enumeration<String> getElements() { 33851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski AttributeNameEnumeration elements = new AttributeNameEnumeration(); 33951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(DIGITAL_SIGNATURE); 34051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(NON_REPUDIATION); 34151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(KEY_ENCIPHERMENT); 34251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(DATA_ENCIPHERMENT); 34351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(KEY_AGREEMENT); 34451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(KEY_CERTSIGN); 34551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(CRL_SIGN); 34651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(ENCIPHER_ONLY); 34751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(DECIPHER_ONLY); 34851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 34951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (elements.elements()); 35051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 35151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 35251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 35351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public boolean[] getBits() { 35451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return bitString.clone(); 35551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 35651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 35751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 35851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return the name of this attribute. 35951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 36051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String getName() { 36151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (NAME); 36251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 36351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 364