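package org.bouncycastle.x509;

import java.io.IOException;
import java.security.Principal;
import java.security.cert.CertSelector;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;

import javax.security.auth.x500.X500Principal;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.AttCertIssuer;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.V2Form;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.util.Selector;

/**
 * Carrying class for an attribute certificate issuer.
 * <p>
 * The selector methods ({@link #match(Certificate)} and {@link #match(Object)})
 * only compare names and, when a base certificate ID is present, the serial
 * number. They do not verify signatures, validity periods or revocation
 * status, so a match identifies a candidate issuer certificate and is not a
 * trust decision; the candidate still has to go through path validation.
 *
 * @deprecated use org.bouncycastle.cert.AttributeCertificateIssuer
 */
public class AttributeCertificateIssuer
    implements CertSelector, Selector
{
    // Either a V2Form or a GeneralNames (v1 form), as returned by AttCertIssuer.getIssuer().
    final ASN1Encodable form;

    /**
     * Set the issuer directly with the ASN.1 structure.
     *
     * @param issuer The issuer
     */
    public AttributeCertificateIssuer(AttCertIssuer issuer)
    {
        form = issuer.getIssuer();
    }

    /**
     * Create an issuer from a JCA principal by re-encoding it as an X509Principal.
     *
     * @param principal the issuer's distinguished name
     * @throws IOException declared by the X509Principal constructor used for the re-encoding
     */
    public AttributeCertificateIssuer(X500Principal principal)
        throws IOException
    {
        this(new X509Principal(principal.getEncoded()));
    }

    /**
     * Create a V2Form issuer whose issuerName holds a single directoryName.
     *
     * @param principal the issuer's distinguished name
     */
    public AttributeCertificateIssuer(X509Principal principal)
    {
        form = new V2Form(GeneralNames.getInstance(new DERSequence(new GeneralName(principal))));
    }

    /**
     * Collect every directoryName entry of the issuer name as an X500Principal.
     * Entries with any other GeneralName tag are skipped.
     *
     * @return the directory names found, possibly empty
     * @throws RuntimeException if a directoryName cannot be DER encoded
     */
    private Object[] getNames()
    {
        GeneralNames name;

        if (form instanceof V2Form)
        {
            name = ((V2Form)form).getIssuerName();
        }
        else
        {
            name = (GeneralNames)form;
        }

        // issuerName is OPTIONAL in V2Form, so a parsed issuer may carry none.
        // Report "no names" instead of failing with a NullPointerException.
        if (name == null)
        {
            return new Object[0];
        }

        GeneralName[] names = name.getNames();

        List l = new ArrayList(names.length);

        for (int i = 0; i != names.length; i++)
        {
            if (names[i].getTagNo() == GeneralName.directoryName)
            {
                try
                {
                    l.add(new X500Principal(
                        ((ASN1Encodable)names[i].getName()).toASN1Primitive().getEncoded()));
                }
                catch (IOException e)
                {
                    // Keep the original failure as the cause so the encoding error stays diagnosable.
                    throw new RuntimeException("badly formed Name object", e);
                }
            }
        }

        return l.toArray(new Object[l.size()]);
    }

    /**
     * Return any principal objects inside the attribute certificate issuer
     * object.
     *
     * @return an array of Principal objects (usually X500Principal)
     */
    public Principal[] getPrincipals()
    {
        Object[] p = this.getNames();
        List l = new ArrayList();

        for (int i = 0; i != p.length; i++)
        {
            if (p[i] instanceof Principal)
            {
                l.add(p[i]);
            }
        }

        return (Principal[])l.toArray(new Principal[l.size()]);
    }

    /**
     * Check whether any directoryName in {@code targets} equals {@code subject}.
     *
     * @param subject the distinguished name to look for
     * @param targets the names to search; may be null, which never matches
     * @return true if a directoryName entry equals the subject, false otherwise
     */
    private boolean matchesDN(X500Principal subject, GeneralNames targets)
    {
        // An issuer without a name (issuerName is OPTIONAL in V2Form) matches nothing.
        if (targets == null)
        {
            return false;
        }

        GeneralName[] names = targets.getNames();

        for (int i = 0; i != names.length; i++)
        {
            GeneralName gn = names[i];

            if (gn.getTagNo() == GeneralName.directoryName)
            {
                try
                {
                    if (new X500Principal(((ASN1Encodable)gn.getName()).toASN1Primitive().getEncoded()).equals(subject))
                    {
                        return true;
                    }
                }
                catch (IOException e)
                {
                    // Deliberately ignored: a name that cannot be encoded is treated as
                    // a non-match and the remaining entries are still examined.
                    // Note: the X500Principal constructor reports a malformed DN with
                    // IllegalArgumentException, which is not caught here and propagates.
                }
            }
        }

        return false;
    }

    /**
     * Return a copy built from the same issuer structure.
     *
     * @return a new AttributeCertificateIssuer wrapping the same form
     */
    public Object clone()
    {
        return new AttributeCertificateIssuer(AttCertIssuer.getInstance(form));
    }

    /**
     * Decide whether the certificate is a candidate for this issuer.
     * <p>
     * For a V2Form with a base certificate ID, both the serial number and the
     * certificate's issuer DN must match that ID. Otherwise the certificate's
     * subject DN is compared with the issuer name. Only X509Certificate
     * instances can match. No signature, validity or revocation check is
     * performed here.
     *
     * @param cert the certificate to test
     * @return true if the certificate matches, false otherwise
     */
    public boolean match(Certificate cert)
    {
        if (!(cert instanceof X509Certificate))
        {
            return false;
        }

        X509Certificate x509Cert = (X509Certificate)cert;

        if (form instanceof V2Form)
        {
            V2Form issuer = (V2Form)form;
            if (issuer.getBaseCertificateID() != null)
            {
                return issuer.getBaseCertificateID().getSerial().hasValue(x509Cert.getSerialNumber())
                    && matchesDN(x509Cert.getIssuerX500Principal(), issuer.getBaseCertificateID().getIssuer());
            }

            // May be null when the V2Form carries no issuerName; matchesDN then returns false.
            GeneralNames name = issuer.getIssuerName();
            if (matchesDN(x509Cert.getSubjectX500Principal(), name))
            {
                return true;
            }
        }
        else
        {
            GeneralNames name = (GeneralNames)form;
            if (matchesDN(x509Cert.getSubjectX500Principal(), name))
            {
                return true;
            }
        }

        return false;
    }

    /**
     * Two issuers are equal when their underlying ASN.1 forms are equal.
     *
     * @param obj the object to compare with
     * @return true if obj is an AttributeCertificateIssuer with an equal form
     */
    public boolean equals(Object obj)
    {
        if (obj == this)
        {
            return true;
        }

        if (!(obj instanceof AttributeCertificateIssuer))
        {
            return false;
        }

        AttributeCertificateIssuer other = (AttributeCertificateIssuer)obj;

        return this.form.equals(other.form);
    }

    /**
     * Hash code of the underlying ASN.1 form, consistent with {@link #equals(Object)}.
     *
     * @return the form's hash code
     */
    public int hashCode()
    {
        return this.form.hashCode();
    }

    /**
     * Selector entry point: anything that is not an X509Certificate never
     * matches; certificates are handed to {@link #match(Certificate)}.
     *
     * @param obj the candidate object
     * @return true if obj is an X509Certificate matching this issuer
     */
    public boolean match(Object obj)
    {
        if (!(obj instanceof X509Certificate))
        {
            return false;
        }

        return match((Certificate)obj);
    }
}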