1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved.
4  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5  *
6  * This code is free software; you can redistribute it and/or modify it
7  * under the terms of the GNU General Public License version 2 only, as
8  * published by the Free Software Foundation.  Oracle designates this
9  * particular file as subject to the "Classpath" exception as provided
10  * by Oracle in the LICENSE file that accompanied this code.
11  *
12  * This code is distributed in the hope that it will be useful, but WITHOUT
13  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15  * version 2 for more details (a copy is included in the LICENSE file that
16  * accompanied this code).
17  *
18  * You should have received a copy of the GNU General Public License version
19  * 2 along with this work; if not, write to the Free Software Foundation,
20  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
21  *
22  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
23  * or visit www.oracle.com if you need additional information or have any
24  * questions.
25  */
26 
27 package sun.security.x509;
28 
29 import java.util.*;
30 import java.io.IOException;
31 
32 import java.security.cert.CertificateException;
33 import java.security.cert.CertificateParsingException;
34 
35 import sun.security.util.*;
36 
37 /**
38  * This class defines the mapping from OID & name to classes and vice
39  * versa.  Used by CertificateExtensions & PKCS10 to get the java
40  * classes associated with a particular OID/name.
41  *
42  * @author Amit Kapoor
43  * @author Hemma Prafullchandra
44  * @author Andreas Sterbenz
45  *
46  */
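public class OIDMap {

    /** Not instantiable: this class only exposes static lookup tables. */
    private OIDMap() {
        // empty
    }

    // "user-friendly" names: each is the dotted path
    // <X509CertImpl.NAME>.<X509CertInfo.NAME>.<X509CertInfo.EXTENSIONS>.<extension NAME>
    private static final String ROOT = X509CertImpl.NAME + "." +
                                 X509CertInfo.NAME + "." +
                                 X509CertInfo.EXTENSIONS;
    private static final String AUTH_KEY_IDENTIFIER = ROOT + "." +
                                          AuthorityKeyIdentifierExtension.NAME;
    private static final String SUB_KEY_IDENTIFIER  = ROOT + "." +
                                          SubjectKeyIdentifierExtension.NAME;
    private static final String KEY_USAGE           = ROOT + "." +
                                          KeyUsageExtension.NAME;
    private static final String PRIVATE_KEY_USAGE   = ROOT + "." +
                                          PrivateKeyUsageExtension.NAME;
    private static final String POLICY_MAPPINGS     = ROOT + "." +
                                          PolicyMappingsExtension.NAME;
    private static final String SUB_ALT_NAME        = ROOT + "." +
                                          SubjectAlternativeNameExtension.NAME;
    private static final String ISSUER_ALT_NAME     = ROOT + "." +
                                          IssuerAlternativeNameExtension.NAME;
    private static final String BASIC_CONSTRAINTS   = ROOT + "." +
                                          BasicConstraintsExtension.NAME;
    private static final String NAME_CONSTRAINTS    = ROOT + "." +
                                          NameConstraintsExtension.NAME;
    private static final String POLICY_CONSTRAINTS  = ROOT + "." +
                                          PolicyConstraintsExtension.NAME;
    private static final String CRL_NUMBER  = ROOT + "." +
                                              CRLNumberExtension.NAME;
    private static final String CRL_REASON  = ROOT + "." +
                                              CRLReasonCodeExtension.NAME;
    private static final String NETSCAPE_CERT  = ROOT + "." +
                                              NetscapeCertTypeExtension.NAME;
    private static final String CERT_POLICIES = ROOT + "." +
                                             CertificatePoliciesExtension.NAME;
    private static final String EXT_KEY_USAGE       = ROOT + "." +
                                          ExtendedKeyUsageExtension.NAME;
    private static final String INHIBIT_ANY_POLICY  = ROOT + "." +
                                          InhibitAnyPolicyExtension.NAME;
    private static final String CRL_DIST_POINTS = ROOT + "." +
                                        CRLDistributionPointsExtension.NAME;

    private static final String CERT_ISSUER = ROOT + "." +
                                        CertificateIssuerExtension.NAME;
    private static final String SUBJECT_INFO_ACCESS = ROOT + "." +
                                          SubjectInfoAccessExtension.NAME;
    private static final String AUTH_INFO_ACCESS = ROOT + "." +
                                          AuthorityInfoAccessExtension.NAME;
    private static final String ISSUING_DIST_POINT = ROOT + "." +
                                        IssuingDistributionPointExtension.NAME;
    private static final String DELTA_CRL_INDICATOR = ROOT + "." +
                                        DeltaCRLIndicatorExtension.NAME;
    private static final String FRESHEST_CRL = ROOT + "." +
                                        FreshestCRLExtension.NAME;
    private static final String OCSPNOCHECK = ROOT + "." +
                                        OCSPNoCheckExtension.NAME;

    // Arcs of the Netscape certificate-type OID. Nothing in this class reads
    // this field; the static initializer spells out the same arcs inline.
    private static final int NetscapeCertType_data[] =
        { 2, 16, 840, 1, 113730, 1, 1 };

    // NOTE(review): both tables are plain HashMaps and addAttribute() mutates
    // them without synchronization, while the getters read them. Confirm that
    // callers finish registering attributes before concurrent lookups start.

    /** Map ObjectIdentifier(oid) -> OIDInfo(info) */
    private final static Map<ObjectIdentifier,OIDInfo> oidMap;

    /** Map String(friendly name) -> OIDInfo(info) */
    private final static Map<String,OIDInfo> nameMap;

    // Registers the built-in extension classes under both their friendly name
    // and their OID.
    static {
        oidMap = new HashMap<ObjectIdentifier,OIDInfo>();
        nameMap = new HashMap<String,OIDInfo>();
        addInternal(SUB_KEY_IDENTIFIER, PKIXExtensions.SubjectKey_Id,
                    SubjectKeyIdentifierExtension.class);
        addInternal(KEY_USAGE, PKIXExtensions.KeyUsage_Id,
                    KeyUsageExtension.class);
        addInternal(PRIVATE_KEY_USAGE, PKIXExtensions.PrivateKeyUsage_Id,
                    PrivateKeyUsageExtension.class);
        addInternal(SUB_ALT_NAME, PKIXExtensions.SubjectAlternativeName_Id,
                    SubjectAlternativeNameExtension.class);
        addInternal(ISSUER_ALT_NAME, PKIXExtensions.IssuerAlternativeName_Id,
                    IssuerAlternativeNameExtension.class);
        addInternal(BASIC_CONSTRAINTS, PKIXExtensions.BasicConstraints_Id,
                    BasicConstraintsExtension.class);
        addInternal(CRL_NUMBER, PKIXExtensions.CRLNumber_Id,
                    CRLNumberExtension.class);
        addInternal(CRL_REASON, PKIXExtensions.ReasonCode_Id,
                    CRLReasonCodeExtension.class);
        addInternal(NAME_CONSTRAINTS, PKIXExtensions.NameConstraints_Id,
                    NameConstraintsExtension.class);
        addInternal(POLICY_MAPPINGS, PKIXExtensions.PolicyMappings_Id,
                    PolicyMappingsExtension.class);
        addInternal(AUTH_KEY_IDENTIFIER, PKIXExtensions.AuthorityKey_Id,
                    AuthorityKeyIdentifierExtension.class);
        addInternal(POLICY_CONSTRAINTS, PKIXExtensions.PolicyConstraints_Id,
                    PolicyConstraintsExtension.class);
        addInternal(NETSCAPE_CERT, ObjectIdentifier.newInternal
                    (new int[] {2,16,840,1,113730,1,1}),
                    NetscapeCertTypeExtension.class);
        addInternal(CERT_POLICIES, PKIXExtensions.CertificatePolicies_Id,
                    CertificatePoliciesExtension.class);
        addInternal(EXT_KEY_USAGE, PKIXExtensions.ExtendedKeyUsage_Id,
                    ExtendedKeyUsageExtension.class);
        addInternal(INHIBIT_ANY_POLICY, PKIXExtensions.InhibitAnyPolicy_Id,
                    InhibitAnyPolicyExtension.class);
        addInternal(CRL_DIST_POINTS, PKIXExtensions.CRLDistributionPoints_Id,
                    CRLDistributionPointsExtension.class);
        addInternal(CERT_ISSUER, PKIXExtensions.CertificateIssuer_Id,
                    CertificateIssuerExtension.class);
        addInternal(SUBJECT_INFO_ACCESS, PKIXExtensions.SubjectInfoAccess_Id,
                    SubjectInfoAccessExtension.class);
        addInternal(AUTH_INFO_ACCESS, PKIXExtensions.AuthInfoAccess_Id,
                    AuthorityInfoAccessExtension.class);
        addInternal(ISSUING_DIST_POINT,
                    PKIXExtensions.IssuingDistributionPoint_Id,
                    IssuingDistributionPointExtension.class);
        addInternal(DELTA_CRL_INDICATOR, PKIXExtensions.DeltaCRLIndicator_Id,
                    DeltaCRLIndicatorExtension.class);
        addInternal(FRESHEST_CRL, PKIXExtensions.FreshestCRL_Id,
                    FreshestCRLExtension.class);
        addInternal(OCSPNOCHECK, PKIXExtensions.OCSPNoCheck_Id,
                    OCSPNoCheckExtension.class);
    }

    /**
     * Add attributes to the table. For internal use in the static
     * initializer.
     *
     * Unlike {@link #addAttribute}, this performs no duplicate check: an
     * existing entry for the same OID or name is silently replaced.
     *
     * @param name the friendly name to register
     * @param oid the object identifier to register
     * @param clazz the Class object associated with this attribute
     */
    private static void addInternal(String name, ObjectIdentifier oid,
            Class clazz) {
        OIDInfo info = new OIDInfo(name, oid, clazz);
        oidMap.put(oid, info);
        nameMap.put(name, info);
    }

    /**
     * Inner class holding one registration: friendly name, OID and the
     * associated Class object.
     */
    private static class OIDInfo {

        final ObjectIdentifier oid;
        final String name;
        private final Class clazz;

        OIDInfo(String name, ObjectIdentifier oid, Class clazz) {
            this.name = name;
            this.oid = oid;
            this.clazz = clazz;
        }

        /**
         * Return the Class object associated with this attribute.
         *
         * @return the Class supplied at construction time
         * @exception CertificateException declared in the signature; this
         *         implementation returns the stored Class and does not
         *         throw it.
         */
        Class getClazz() throws CertificateException {
            return clazz;
        }
    }

    /**
     * Add a name to lookup table.
     *
     * Both tables are checked before either one is modified, so a rejected
     * registration leaves every existing mapping (including the built-in
     * ones installed by the static initializer) unchanged. Per the class
     * description these tables select the Java class used for a given
     * extension OID, so an already-registered OID or name must never be
     * replaced as a side effect of a failed call.
     *
     * @param name the name of the attr
     * @param oid the string representation of the object identifier for
     *         the class.
     * @param clazz the Class object associated with this attribute
     * @exception CertificateException if {@code oid} cannot be parsed, or if
     *         the OID or the name is already registered.
     */
    public static void addAttribute(String name, String oid, Class clazz)
            throws CertificateException {
        ObjectIdentifier objId;
        try {
            objId = new ObjectIdentifier(oid);
        } catch (IOException ioe) {
            // Keep the parser's exception as the cause for diagnosis.
            throw new CertificateException
                                ("Invalid Object identifier: " + oid, ioe);
        }
        // Validate first, mutate second: calling put() and then inspecting
        // its return value would overwrite the existing entry before the
        // duplicate is reported.
        if (oidMap.containsKey(objId)) {
            throw new CertificateException
                                ("Object identifier already exists: " + oid);
        }
        if (nameMap.containsKey(name)) {
            throw new CertificateException("Name already exists: " + name);
        }
        OIDInfo info = new OIDInfo(name, objId, clazz);
        oidMap.put(objId, info);
        nameMap.put(name, info);
    }

    /**
     * Return user friendly name associated with the OID.
     *
     * @param oid the object identifier whose name is to be returned.
     * @return the user friendly name or null if no name
     * is registered for this oid.
     */
    public static String getName(ObjectIdentifier oid) {
        OIDInfo info = oidMap.get(oid);
        return (info == null) ? null : info.name;
    }

    /**
     * Return Object identifier for user friendly name.
     *
     * @param name the user friendly name.
     * @return the Object Identifier or null if no oid
     * is registered for this name.
     */
    public static ObjectIdentifier getOID(String name) {
        OIDInfo info = nameMap.get(name);
        return (info == null) ? null : info.oid;
    }

    /**
     * Return the java class object associated with the user friendly name.
     *
     * @param name the user friendly name.
     * @return the registered Class, or null if no class is registered for
     *         this name.
     * @exception CertificateException declared in the signature; the lookup
     *         shown here does not throw it.
     */
    public static Class getClass(String name) throws CertificateException {
        OIDInfo info = nameMap.get(name);
        return (info == null) ? null : info.getClazz();
    }

    /**
     * Return the java class object associated with the object identifier.
     *
     * @param oid the object identifier whose class is to be returned.
     * @return the registered Class, or null if no class is registered for
     *         this oid.
     * @exception CertificateException declared in the signature; the lookup
     *         shown here does not throw it.
     */
    public static Class getClass(ObjectIdentifier oid)
            throws CertificateException {
        OIDInfo info = oidMap.get(oid);
        return (info == null) ? null : info.getClazz();
    }

}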