1 /* 2 * Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.x509; 27 28 import java.io.IOException; 29 import sun.security.util.DerValue; 30 import sun.security.util.DerOutputStream; 31 32 /** 33 * This class defines the X400Address of the GeneralName choice. 34 * <p> 35 * The ASN.1 syntax for this is: 36 * <pre> 37 * ORAddress ::= SEQUENCE { 38 * built-in-standard-attributes BuiltInStandardAttributes, 39 * built-in-domain-defined-attributes 40 * BuiltInDomainDefinedAttributes OPTIONAL, 41 * -- see also teletex-domain-defined-attributes 42 * extension-attributes ExtensionAttributes OPTIONAL } 43 * -- The OR-address is semantically absent from the OR-name if the 44 * -- built-in-standard-attribute sequence is empty and the 45 * -- built-in-domain-defined-attributes and extension-attributes are 46 * -- both omitted. 47 * 48 * -- Built-in Standard Attributes 49 * 50 * BuiltInStandardAttributes ::= SEQUENCE { 51 * country-name CountryName OPTIONAL, 52 * administration-domain-name AdministrationDomainName OPTIONAL, 53 * network-address [0] NetworkAddress OPTIONAL, 54 * -- see also extended-network-address 55 * terminal-identifier [1] TerminalIdentifier OPTIONAL, 56 * private-domain-name [2] PrivateDomainName OPTIONAL, 57 * organization-name [3] OrganizationName OPTIONAL, 58 * -- see also teletex-organization-name 59 * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL, 60 * personal-name [5] PersonalName OPTIONAL, 61 * -- see also teletex-personal-name 62 * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL 63 * -- see also teletex-organizational-unit-names -- } 64 * 65 * CountryName ::= [APPLICATION 1] CHOICE { 66 * x121-dcc-code NumericString 67 * (SIZE (ub-country-name-numeric-length)), 68 * iso-3166-alpha2-code PrintableString 69 * (SIZE (ub-country-name-alpha-length)) } 70 * 71 * AdministrationDomainName ::= [APPLICATION 2] CHOICE { 72 * numeric NumericString (SIZE (0..ub-domain-name-length)), 73 * printable PrintableString (SIZE (0..ub-domain-name-length)) } 74 * 75 * NetworkAddress ::= X121Address -- see also extended-network-address 76 * 77 * X121Address ::= NumericString (SIZE (1..ub-x121-address-length)) 78 * 79 * TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length)) 80 * 81 * PrivateDomainName ::= CHOICE { 82 * numeric NumericString (SIZE (1..ub-domain-name-length)), 83 * printable PrintableString (SIZE (1..ub-domain-name-length)) } 84 * 85 * OrganizationName ::= PrintableString 86 * (SIZE (1..ub-organization-name-length)) 87 * -- see also teletex-organization-name 88 * 89 * NumericUserIdentifier ::= NumericString 90 * (SIZE (1..ub-numeric-user-id-length)) 91 * 92 * PersonalName ::= SET { 93 * surname [0] PrintableString (SIZE (1..ub-surname-length)), 94 * given-name [1] PrintableString 95 * (SIZE (1..ub-given-name-length)) OPTIONAL, 96 * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL, 97 * generation-qualifier [3] PrintableString 98 * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL } 99 * -- see also teletex-personal-name 100 * 101 * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units) 102 * OF OrganizationalUnitName 103 * -- see also teletex-organizational-unit-names 104 * 105 * OrganizationalUnitName ::= PrintableString (SIZE 106 * (1..ub-organizational-unit-name-length)) 107 * 108 * -- Built-in Domain-defined Attributes 109 * 110 * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE 111 * (1..ub-domain-defined-attributes) OF 112 * BuiltInDomainDefinedAttribute 113 * 114 * BuiltInDomainDefinedAttribute ::= SEQUENCE { 115 * type PrintableString (SIZE 116 * (1..ub-domain-defined-attribute-type-length)), 117 * value PrintableString (SIZE 118 * (1..ub-domain-defined-attribute-value-length))} 119 * 120 * -- Extension Attributes 121 * 122 * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF 123 * ExtensionAttribute 124 * 125 * ExtensionAttribute ::= SEQUENCE { 126 * extension-attribute-type [0] INTEGER (0..ub-extension-attributes), 127 * extension-attribute-value [1] 128 * ANY DEFINED BY extension-attribute-type } 129 * 130 * -- Extension types and attribute values 131 * -- 132 * 133 * common-name INTEGER ::= 1 134 * 135 * CommonName ::= PrintableString (SIZE (1..ub-common-name-length)) 136 * 137 * teletex-common-name INTEGER ::= 2 138 * 139 * TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length)) 140 * 141 * teletex-organization-name INTEGER ::= 3 142 * 143 * TeletexOrganizationName ::= 144 * TeletexString (SIZE (1..ub-organization-name-length)) 145 * 146 * teletex-personal-name INTEGER ::= 4 147 * 148 * TeletexPersonalName ::= SET { 149 * surname [0] TeletexString (SIZE (1..ub-surname-length)), 150 * given-name [1] TeletexString 151 * (SIZE (1..ub-given-name-length)) OPTIONAL, 152 * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL, 153 * generation-qualifier [3] TeletexString (SIZE 154 * (1..ub-generation-qualifier-length)) OPTIONAL } 155 * 156 * teletex-organizational-unit-names INTEGER ::= 5 157 * 158 * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE 159 * (1..ub-organizational-units) OF TeletexOrganizationalUnitName 160 * 161 * TeletexOrganizationalUnitName ::= TeletexString 162 * (SIZE (1..ub-organizational-unit-name-length)) 163 * 164 * pds-name INTEGER ::= 7 165 * 166 * PDSName ::= PrintableString (SIZE (1..ub-pds-name-length)) 167 * 168 * physical-delivery-country-name INTEGER ::= 8 169 * 170 * PhysicalDeliveryCountryName ::= CHOICE { 171 * x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)), 172 * iso-3166-alpha2-code PrintableString 173 * (SIZE (ub-country-name-alpha-length)) } 174 * 175 * postal-code INTEGER ::= 9 176 * 177 * PostalCode ::= CHOICE { 178 * numeric-code NumericString (SIZE (1..ub-postal-code-length)), 179 * printable-code PrintableString (SIZE (1..ub-postal-code-length)) } 180 * 181 * physical-delivery-office-name INTEGER ::= 10 182 * 183 * PhysicalDeliveryOfficeName ::= PDSParameter 184 * 185 * physical-delivery-office-number INTEGER ::= 11 186 * 187 * PhysicalDeliveryOfficeNumber ::= PDSParameter 188 * 189 * extension-OR-address-components INTEGER ::= 12 190 * 191 * ExtensionORAddressComponents ::= PDSParameter 192 * 193 * physical-delivery-personal-name INTEGER ::= 13 194 * 195 * PhysicalDeliveryPersonalName ::= PDSParameter 196 * 197 * physical-delivery-organization-name INTEGER ::= 14 198 * 199 * PhysicalDeliveryOrganizationName ::= PDSParameter 200 * 201 * extension-physical-delivery-address-components INTEGER ::= 15 202 * 203 * ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter 204 * 205 * unformatted-postal-address INTEGER ::= 16 206 * 207 * UnformattedPostalAddress ::= SET { 208 * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF 209 * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL, 210 * teletex-string TeletexString 211 * (SIZE (1..ub-unformatted-address-length)) OPTIONAL } 212 * 213 * street-address INTEGER ::= 17 214 * 215 * StreetAddress ::= PDSParameter 216 * 217 * post-office-box-address INTEGER ::= 18 218 * 219 * PostOfficeBoxAddress ::= PDSParameter 220 * 221 * poste-restante-address INTEGER ::= 19 222 * 223 * PosteRestanteAddress ::= PDSParameter 224 * 225 * unique-postal-name INTEGER ::= 20 226 * 227 * UniquePostalName ::= PDSParameter 228 * 229 * local-postal-attributes INTEGER ::= 21 230 * 231 * LocalPostalAttributes ::= PDSParameter 232 * 233 * PDSParameter ::= SET { 234 * printable-string PrintableString 235 * (SIZE(1..ub-pds-parameter-length)) OPTIONAL, 236 * teletex-string TeletexString 237 * (SIZE(1..ub-pds-parameter-length)) OPTIONAL } 238 * 239 * extended-network-address INTEGER ::= 22 240 * 241 * ExtendedNetworkAddress ::= CHOICE { 242 * e163-4-address SEQUENCE { 243 * number [0] NumericString (SIZE (1..ub-e163-4-number-length)), 244 * sub-address [1] NumericString 245 * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL }, 246 * psap-address [0] PresentationAddress } 247 * 248 * PresentationAddress ::= SEQUENCE { 249 * pSelector [0] EXPLICIT OCTET STRING OPTIONAL, 250 * sSelector [1] EXPLICIT OCTET STRING OPTIONAL, 251 * tSelector [2] EXPLICIT OCTET STRING OPTIONAL, 252 * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING } 253 * 254 * terminal-type INTEGER ::= 23 255 * 256 * TerminalType ::= INTEGER { 257 * telex (3), 258 * teletex (4), 259 * g3-facsimile (5), 260 * g4-facsimile (6), 261 * ia5-terminal (7), 262 * videotex (8) } (0..ub-integer-options) 263 * 264 * -- Extension Domain-defined Attributes 265 * 266 * teletex-domain-defined-attributes INTEGER ::= 6 267 * 268 * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE 269 * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute 270 * 271 * TeletexDomainDefinedAttribute ::= SEQUENCE { 272 * type TeletexString 273 * (SIZE (1..ub-domain-defined-attribute-type-length)), 274 * value TeletexString 275 * (SIZE (1..ub-domain-defined-attribute-value-length)) } 276 * 277 * -- specifications of Upper Bounds shall be regarded as mandatory 278 * -- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter 279 * -- Upper Bounds 280 * 281 * -- Upper Bounds 282 * ub-name INTEGER ::= 32768 283 * ub-common-name INTEGER ::= 64 284 * ub-locality-name INTEGER ::= 128 285 * ub-state-name INTEGER ::= 128 286 * ub-organization-name INTEGER ::= 64 287 * ub-organizational-unit-name INTEGER ::= 64 288 * ub-title INTEGER ::= 64 289 * ub-match INTEGER ::= 128 290 * 291 * ub-emailaddress-length INTEGER ::= 128 292 * 293 * ub-common-name-length INTEGER ::= 64 294 * ub-country-name-alpha-length INTEGER ::= 2 295 * ub-country-name-numeric-length INTEGER ::= 3 296 * ub-domain-defined-attributes INTEGER ::= 4 297 * ub-domain-defined-attribute-type-length INTEGER ::= 8 298 * ub-domain-defined-attribute-value-length INTEGER ::= 128 299 * ub-domain-name-length INTEGER ::= 16 300 * ub-extension-attributes INTEGER ::= 256 301 * ub-e163-4-number-length INTEGER ::= 15 302 * ub-e163-4-sub-address-length INTEGER ::= 40 303 * ub-generation-qualifier-length INTEGER ::= 3 304 * ub-given-name-length INTEGER ::= 16 305 * ub-initials-length INTEGER ::= 5 306 * ub-integer-options INTEGER ::= 256 307 * ub-numeric-user-id-length INTEGER ::= 32 308 * ub-organization-name-length INTEGER ::= 64 309 * ub-organizational-unit-name-length INTEGER ::= 32 310 * ub-organizational-units INTEGER ::= 4 311 * ub-pds-name-length INTEGER ::= 16 312 * ub-pds-parameter-length INTEGER ::= 30 313 * ub-pds-physical-address-lines INTEGER ::= 6 314 * ub-postal-code-length INTEGER ::= 16 315 * ub-surname-length INTEGER ::= 40 316 * ub-terminal-id-length INTEGER ::= 24 317 * ub-unformatted-address-length INTEGER ::= 180 318 * ub-x121-address-length INTEGER ::= 16 319 * 320 * -- Note - upper bounds on string types, such as TeletexString, are 321 * -- measured in characters. Excepting PrintableString or IA5String, a 322 * -- significantly greater number of octets will be required to hold 323 * -- such a value. As a minimum, 16 octets, or twice the specified upper 324 * -- bound, whichever is the larger, should be allowed for TeletexString. 325 * -- For UTF8String or UniversalString at least four times the upper 326 * -- bound should be allowed. 327 * </pre> 328 * 329 * @author Anne Anderson 330 * @since 1.4 331 * @see GeneralName 332 * @see GeneralNames 333 * @see GeneralNameInterface 334 */ 335 public class X400Address implements GeneralNameInterface { 336 337 // Private data members 338 byte[] nameValue = null; 339 340 /** 341 * Create the X400Address object from the specified byte array 342 * 343 * @param nameValue value of the name as a byte array 344 */ X400Address(byte[] value)345 public X400Address(byte[] value) { 346 nameValue = value; 347 } 348 349 /** 350 * Create the X400Address object from the passed encoded Der value. 351 * 352 * @param derValue the encoded DER X400Address. 353 * @exception IOException on error. 354 */ X400Address(DerValue derValue)355 public X400Address(DerValue derValue) throws IOException { 356 nameValue = derValue.toByteArray(); 357 } 358 359 /** 360 * Return the type of the GeneralName. 361 */ getType()362 public int getType() { 363 return (GeneralNameInterface.NAME_X400); 364 } 365 366 /** 367 * Encode the X400 name into the DerOutputStream. 368 * 369 * @param out the DER stream to encode the X400Address to. 370 * @exception IOException on encoding errors. 371 */ encode(DerOutputStream out)372 public void encode(DerOutputStream out) throws IOException { 373 DerValue derValue = new DerValue(nameValue); 374 out.putDerValue(derValue); 375 } 376 377 /** 378 * Return the printable string. 379 */ toString()380 public String toString() { 381 return ("X400Address: <DER-encoded value>"); 382 } 383 384 /** 385 * Return type of constraint inputName places on this name:<ul> 386 * <li>NAME_DIFF_TYPE = -1: input name is different type from name (i.e. does not constrain). 387 * <li>NAME_MATCH = 0: input name matches name. 388 * <li>NAME_NARROWS = 1: input name narrows name (is lower in the naming subtree) 389 * <li>NAME_WIDENS = 2: input name widens name (is higher in the naming subtree) 390 * <li>NAME_SAME_TYPE = 3: input name does not match or narrow name, but is same type. 391 * </ul>. These results are used in checking NameConstraints during 392 * certification path verification. 393 * 394 * @param inputName to be checked for being constrained 395 * @returns constraint type above 396 * @throws UnsupportedOperationException if name is same type, but comparison operations are 397 * not supported for this name type. 398 */ constrains(GeneralNameInterface inputName)399 public int constrains(GeneralNameInterface inputName) throws UnsupportedOperationException { 400 int constraintType; 401 if (inputName == null) 402 constraintType = NAME_DIFF_TYPE; 403 else if (inputName.getType() != NAME_X400) 404 constraintType = NAME_DIFF_TYPE; 405 else 406 //Narrowing, widening, and match constraints not defined in rfc2459 for X400Address 407 throw new UnsupportedOperationException("Narrowing, widening, and match are not supported for X400Address."); 408 return constraintType; 409 } 410 411 /** 412 * Return subtree depth of this name for purposes of determining 413 * NameConstraints minimum and maximum bounds and for calculating 414 * path lengths in name subtrees. 415 * 416 * @returns distance of name from root 417 * @throws UnsupportedOperationException if not supported for this name type 418 */ subtreeDepth()419 public int subtreeDepth() throws UnsupportedOperationException { 420 throw new UnsupportedOperationException("subtreeDepth not supported for X400Address"); 421 } 422 423 } 424