1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
4  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5  *
6  * This code is free software; you can redistribute it and/or modify it
7  * under the terms of the GNU General Public License version 2 only, as
8  * published by the Free Software Foundation.  Oracle designates this
9  * particular file as subject to the "Classpath" exception as provided
10  * by Oracle in the LICENSE file that accompanied this code.
11  *
12  * This code is distributed in the hope that it will be useful, but WITHOUT
13  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15  * version 2 for more details (a copy is included in the LICENSE file that
16  * accompanied this code).
17  *
18  * You should have received a copy of the GNU General Public License version
19  * 2 along with this work; if not, write to the Free Software Foundation,
20  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
21  *
22  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
23  * or visit www.oracle.com if you need additional information or have any
24  * questions.
25  */
26 
27 package sun.security.x509;
28 
29 import java.util.*;
30 import java.io.IOException;
31 
32 import java.security.cert.CertificateException;
33 
34 import sun.security.util.*;
35 
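/**
 * This class defines the mapping from OID and name to classes and vice
 * versa.  Used by CertificateExtensions and PKCS10 to get the java
 * classes associated with a particular OID/name.
 *
 * <p>The table is process-wide static state: the built-in X.509 extension
 * entries are registered once in the static initializer, and
 * {@link #addAttribute} can add further entries afterwards. Both backing
 * maps are plain {@link HashMap}s and no method in this class
 * synchronizes on them.
 * NOTE(review): registrations made concurrently with lookups would need
 * external synchronization; confirm how callers use addAttribute.
 *
 * @author Amit Kapoor
 * @author Hemma Prafullchandra
 * @author Andreas Sterbenz
 *
 */
public class OIDMap {

    /** Not instantiable; every member is static. */
    private OIDMap() {
        // empty
    }

    // "user-friendly" names: each is ROOT + "." + the extension's own NAME
    private static final String ROOT = X509CertImpl.NAME + "." +
                                 X509CertInfo.NAME + "." +
                                 X509CertInfo.EXTENSIONS;
    private static final String AUTH_KEY_IDENTIFIER = ROOT + "." +
                                          AuthorityKeyIdentifierExtension.NAME;
    private static final String SUB_KEY_IDENTIFIER  = ROOT + "." +
                                          SubjectKeyIdentifierExtension.NAME;
    private static final String KEY_USAGE           = ROOT + "." +
                                          KeyUsageExtension.NAME;
    private static final String PRIVATE_KEY_USAGE   = ROOT + "." +
                                          PrivateKeyUsageExtension.NAME;
    private static final String POLICY_MAPPINGS     = ROOT + "." +
                                          PolicyMappingsExtension.NAME;
    private static final String SUB_ALT_NAME        = ROOT + "." +
                                          SubjectAlternativeNameExtension.NAME;
    private static final String ISSUER_ALT_NAME     = ROOT + "." +
                                          IssuerAlternativeNameExtension.NAME;
    private static final String BASIC_CONSTRAINTS   = ROOT + "." +
                                          BasicConstraintsExtension.NAME;
    private static final String NAME_CONSTRAINTS    = ROOT + "." +
                                          NameConstraintsExtension.NAME;
    private static final String POLICY_CONSTRAINTS  = ROOT + "." +
                                          PolicyConstraintsExtension.NAME;
    private static final String CRL_NUMBER  = ROOT + "." +
                                              CRLNumberExtension.NAME;
    private static final String CRL_REASON  = ROOT + "." +
                                              CRLReasonCodeExtension.NAME;
    private static final String NETSCAPE_CERT  = ROOT + "." +
                                              NetscapeCertTypeExtension.NAME;
    private static final String CERT_POLICIES = ROOT + "." +
                                             CertificatePoliciesExtension.NAME;
    private static final String EXT_KEY_USAGE       = ROOT + "." +
                                          ExtendedKeyUsageExtension.NAME;
    private static final String INHIBIT_ANY_POLICY  = ROOT + "." +
                                          InhibitAnyPolicyExtension.NAME;
    private static final String CRL_DIST_POINTS = ROOT + "." +
                                        CRLDistributionPointsExtension.NAME;

    private static final String CERT_ISSUER = ROOT + "." +
                                        CertificateIssuerExtension.NAME;
    private static final String SUBJECT_INFO_ACCESS = ROOT + "." +
                                          SubjectInfoAccessExtension.NAME;
    private static final String AUTH_INFO_ACCESS = ROOT + "." +
                                          AuthorityInfoAccessExtension.NAME;
    private static final String ISSUING_DIST_POINT = ROOT + "." +
                                        IssuingDistributionPointExtension.NAME;
    private static final String DELTA_CRL_INDICATOR = ROOT + "." +
                                        DeltaCRLIndicatorExtension.NAME;
    private static final String FRESHEST_CRL = ROOT + "." +
                                        FreshestCRLExtension.NAME;
    private static final String OCSPNOCHECK = ROOT + "." +
                                        OCSPNoCheckExtension.NAME;

    // Not referenced anywhere in this class: the static initializer below
    // spells out the same arcs inline for the Netscape cert-type entry.
    private static final int NetscapeCertType_data[] =
        { 2, 16, 840, 1, 113730, 1, 1 };

    /** Map ObjectIdentifier(oid) -> OIDInfo(info) */
    private static final Map<ObjectIdentifier,OIDInfo> oidMap;

    /** Map String(friendly name) -> OIDInfo(info) */
    private static final Map<String,OIDInfo> nameMap;

    static {
        oidMap = new HashMap<ObjectIdentifier,OIDInfo>();
        nameMap = new HashMap<String,OIDInfo>();
        addInternal(SUB_KEY_IDENTIFIER, PKIXExtensions.SubjectKey_Id,
                    SubjectKeyIdentifierExtension.class);
        addInternal(KEY_USAGE, PKIXExtensions.KeyUsage_Id,
                    KeyUsageExtension.class);
        addInternal(PRIVATE_KEY_USAGE, PKIXExtensions.PrivateKeyUsage_Id,
                    PrivateKeyUsageExtension.class);
        addInternal(SUB_ALT_NAME, PKIXExtensions.SubjectAlternativeName_Id,
                    SubjectAlternativeNameExtension.class);
        addInternal(ISSUER_ALT_NAME, PKIXExtensions.IssuerAlternativeName_Id,
                    IssuerAlternativeNameExtension.class);
        addInternal(BASIC_CONSTRAINTS, PKIXExtensions.BasicConstraints_Id,
                    BasicConstraintsExtension.class);
        addInternal(CRL_NUMBER, PKIXExtensions.CRLNumber_Id,
                    CRLNumberExtension.class);
        addInternal(CRL_REASON, PKIXExtensions.ReasonCode_Id,
                    CRLReasonCodeExtension.class);
        addInternal(NAME_CONSTRAINTS, PKIXExtensions.NameConstraints_Id,
                    NameConstraintsExtension.class);
        addInternal(POLICY_MAPPINGS, PKIXExtensions.PolicyMappings_Id,
                    PolicyMappingsExtension.class);
        addInternal(AUTH_KEY_IDENTIFIER, PKIXExtensions.AuthorityKey_Id,
                    AuthorityKeyIdentifierExtension.class);
        addInternal(POLICY_CONSTRAINTS, PKIXExtensions.PolicyConstraints_Id,
                    PolicyConstraintsExtension.class);
        // The only built-in entry whose OID is built here rather than
        // taken from PKIXExtensions.
        addInternal(NETSCAPE_CERT, ObjectIdentifier.newInternal
                    (new int[] {2,16,840,1,113730,1,1}),
                    NetscapeCertTypeExtension.class);
        addInternal(CERT_POLICIES, PKIXExtensions.CertificatePolicies_Id,
                    CertificatePoliciesExtension.class);
        addInternal(EXT_KEY_USAGE, PKIXExtensions.ExtendedKeyUsage_Id,
                    ExtendedKeyUsageExtension.class);
        addInternal(INHIBIT_ANY_POLICY, PKIXExtensions.InhibitAnyPolicy_Id,
                    InhibitAnyPolicyExtension.class);
        addInternal(CRL_DIST_POINTS, PKIXExtensions.CRLDistributionPoints_Id,
                    CRLDistributionPointsExtension.class);
        addInternal(CERT_ISSUER, PKIXExtensions.CertificateIssuer_Id,
                    CertificateIssuerExtension.class);
        addInternal(SUBJECT_INFO_ACCESS, PKIXExtensions.SubjectInfoAccess_Id,
                    SubjectInfoAccessExtension.class);
        addInternal(AUTH_INFO_ACCESS, PKIXExtensions.AuthInfoAccess_Id,
                    AuthorityInfoAccessExtension.class);
        addInternal(ISSUING_DIST_POINT,
                    PKIXExtensions.IssuingDistributionPoint_Id,
                    IssuingDistributionPointExtension.class);
        addInternal(DELTA_CRL_INDICATOR, PKIXExtensions.DeltaCRLIndicator_Id,
                    DeltaCRLIndicatorExtension.class);
        addInternal(FRESHEST_CRL, PKIXExtensions.FreshestCRL_Id,
                    FreshestCRLExtension.class);
        addInternal(OCSPNOCHECK, PKIXExtensions.OCSPNoCheck_Id,
                    OCSPNoCheckExtension.class);
    }

    /**
     * Add attributes to the table. For internal use in the static
     * initializer. Unlike {@link #addAttribute}, this performs no
     * duplicate check and simply stores the entry in both maps.
     *
     * @param name the user friendly name
     * @param oid the object identifier
     * @param clazz the Class object associated with this attribute
     */
    private static void addInternal(String name, ObjectIdentifier oid,
            Class<?> clazz) {
        OIDInfo info = new OIDInfo(name, oid, clazz);
        oidMap.put(oid, info);
        nameMap.put(name, info);
    }

    /**
     * Inner class encapsulating the mapping info: one (name, oid, class)
     * triple, shared by the entry in each of the two maps.
     */
    private static class OIDInfo {

        final ObjectIdentifier oid;
        final String name;
        private volatile Class<?> clazz;

        OIDInfo(String name, ObjectIdentifier oid, Class<?> clazz) {
            this.name = name;
            this.oid = oid;
            this.clazz = clazz;
        }

        /**
         * Return the Class object associated with this attribute.
         *
         * @exception CertificateException declared for callers; this
         *         implementation only returns the stored field and does
         *         not throw it.
         */
        Class<?> getClazz() throws CertificateException {
            return clazz;
        }
    }

    /**
     * Add a name to lookup table.
     *
     * <p>The table decides which class is handed out for a given OID or
     * name, so an existing registration is never replaced: both the OID
     * and the name are checked before either map is modified, and a
     * rejected call leaves the table exactly as it was.
     *
     * @param name the name of the attr
     * @param oid the string representation of the object identifier for
     *         the class.
     * @param clazz the Class object associated with this attribute
     * @exception CertificateException if the OID string cannot be parsed,
     *         or if the OID or the name is already registered.
     */
    public static void addAttribute(String name, String oid, Class<?> clazz)
            throws CertificateException {
        ObjectIdentifier objId;
        try {
            objId = new ObjectIdentifier(oid);
        } catch (IOException ioe) {
            // Keep the parse failure as the cause instead of dropping it.
            throw new CertificateException
                                ("Invalid Object identifier: " + oid, ioe);
        }
        // Validate first, mutate last. Calling put() and then testing its
        // return value would already have overwritten the existing entry
        // by the time the exception is thrown.
        if (oidMap.containsKey(objId)) {
            throw new CertificateException
                                ("Object identifier already exists: " + oid);
        }
        if (nameMap.containsKey(name)) {
            throw new CertificateException("Name already exists: " + name);
        }
        OIDInfo info = new OIDInfo(name, objId, clazz);
        oidMap.put(objId, info);
        nameMap.put(name, info);
    }

    /**
     * Return user friendly name associated with the OID.
     *
     * @param oid the name of the object identifier to be returned.
     * @return the user friendly name or null if no name
     * is registered for this oid.
     */
    public static String getName(ObjectIdentifier oid) {
        OIDInfo info = oidMap.get(oid);
        return (info == null) ? null : info.name;
    }

    /**
     * Return Object identifier for user friendly name.
     *
     * @param name the user friendly name.
     * @return the Object Identifier or null if no oid
     * is registered for this name.
     */
    public static ObjectIdentifier getOID(String name) {
        OIDInfo info = nameMap.get(name);
        return (info == null) ? null : info.oid;
    }

    /**
     * Return the java class object associated with the user friendly name.
     *
     * @param name the user friendly name.
     * @return the registered class, or null if no entry is registered
     *         for this name.
     * @exception CertificateException if class cannot be instantiated.
     */
    public static Class<?> getClass(String name) throws CertificateException {
        OIDInfo info = nameMap.get(name);
        return (info == null) ? null : info.getClazz();
    }

    /**
     * Return the java class object associated with the object identifier.
     *
     * @param oid the name of the object identifier to be returned.
     * @return the registered class, or null if no entry is registered
     *         for this oid.
     * @exception CertificateException if class cannot be instantiated.
     */
    public static Class<?> getClass(ObjectIdentifier oid)
            throws CertificateException {
        OIDInfo info = oidMap.get(oid);
        return (info == null) ? null : info.getClazz();
    }

}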