001: /*
002: * @(#)CertificateExtensions.java 1.26 06/10/10
003: *
004: * Copyright 1990-2006 Sun Microsystems, Inc. All Rights Reserved.
005: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
006: *
007: * This program is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU General Public License version
009: * 2 only, as published by the Free Software Foundation.
010: *
011: * This program is distributed in the hope that it will be useful, but
012: * WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * General Public License version 2 for more details (a copy is
015: * included at /legal/license.txt).
016: *
017: * You should have received a copy of the GNU General Public License
018: * version 2 along with this work; if not, write to the Free Software
019: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA
021: *
022: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
023: * Clara, CA 95054 or visit www.sun.com if you need additional
024: * information or have any questions.
025: *
026: */
027:
028: package sun.security.x509;
029:
030: import java.io.IOException;
031: import java.io.InputStream;
032: import java.io.OutputStream;
033: import java.lang.reflect.Array;
034: import java.lang.reflect.Constructor;
035: import java.lang.reflect.InvocationTargetException;
036: import java.security.cert.CertificateException;
037: import java.util.Collection;
038: import java.util.Enumeration;
039: import java.util.Hashtable;
040:
041: import sun.security.util.*;
042:
043: /**
044: * This class defines the Extensions attribute for the Certificate.
045: *
046: * @author Amit Kapoor
047: * @author Hemma Prafullchandra
048: * @version 1.19
049: * @see CertAttrSet
050: */
051: public class CertificateExtensions implements CertAttrSet {
052: /**
053: * Identifier for this attribute, to be used with the
054: * get, set, delete methods of Certificate, x509 type.
055: */
056: public static final String IDENT = "x509.info.extensions";
057: /**
058: * name
059: */
060: public static final String NAME = "extensions";
061:
062: private Hashtable map = new Hashtable(11);
063: private boolean unsupportedCritExt = false;
064:
065: /**
066: * Default constructor.
067: */
068: public CertificateExtensions() {
069: }
070:
071: /**
072: * Create the object, decoding the values from the passed DER stream.
073: *
074: * @param in the DerInputStream to read the Extension from.
075: * @exception IOException on decoding errors.
076: */
077: public CertificateExtensions(DerInputStream in) throws IOException {
078: init(in);
079: }
080:
081: /**
082: * Decode the extensions from the InputStream.
083: *
084: * @param in the InputStream to unmarshal the contents from.
085: * @exception IOException on decoding or validity errors.
086: */
087: public void decode(InputStream in) throws IOException {
088: DerValue val = new DerValue(in);
089: init(val.data);
090: }
091:
092: // helper routine
093: private void init(DerInputStream in) throws IOException {
094:
095: DerValue[] exts = in.getSequence(5);
096:
097: for (int i = 0; i < exts.length; i++) {
098: Extension ext = new Extension(exts[i]);
099: parseExtension(ext);
100: }
101: }
102:
103: // Parse the encoded extension
104: private void parseExtension(Extension ext) throws IOException {
105: try {
106: Class extClass = OIDMap.getClass(ext.getExtensionId());
107: if (extClass == null) { // Unsupported extension
108: if (ext.isCritical())
109: unsupportedCritExt = true;
110: if (map.put(ext.getExtensionId().toString(), ext) == null)
111: return;
112: else
113: throw new IOException(
114: "Duplicate extensions not allowed");
115: }
116: Class[] params = { Boolean.class, Object.class };
117: Constructor cons = extClass.getConstructor(params);
118:
119: byte[] extData = ext.getExtensionValue();
120: int extLen = extData.length;
121: Object value = Array.newInstance(byte.class, extLen);
122:
123: for (int i = 0; i < extLen; i++)
124: Array.setByte(value, i, extData[i]);
125: Object[] passed = new Object[] {
126: new Boolean(ext.isCritical()), value };
127: CertAttrSet certExt = (CertAttrSet) cons
128: .newInstance(passed);
129: if (map.put(certExt.getName(), certExt) != null)
130: throw new IOException(
131: "Duplicate extensions not allowed");
132:
133: } catch (InvocationTargetException invk) {
134: Throwable e = invk.getTargetException();
135: throw (IOException) new IOException(e.toString())
136: .initCause(e);
137: } catch (Exception e) {
138: throw (IOException) new IOException(e.toString())
139: .initCause(e);
140: }
141: }
142:
143: /**
144: * Encode the extensions in DER form to the stream, setting
145: * the context specific tag as needed in the X.509 v3 certificate.
146: *
147: * @param out the DerOutputStream to marshal the contents to.
148: * @exception CertificateException on encoding errors.
149: * @exception IOException on errors.
150: */
151: public void encode(OutputStream out) throws CertificateException,
152: IOException {
153: encode(out, false);
154: }
155:
156: /**
157: * Encode the extensions in DER form to the stream.
158: *
159: * @param out the DerOutputStream to marshal the contents to.
160: * @param isCertReq if true then no context specific tag is added.
161: * @exception CertificateException on encoding errors.
162: * @exception IOException on errors.
163: */
164: public void encode(OutputStream out, boolean isCertReq)
165: throws CertificateException, IOException {
166: DerOutputStream extOut = new DerOutputStream();
167: Collection allExts = map.values();
168: Object[] objs = allExts.toArray();
169:
170: for (int i = 0; i < objs.length; i++) {
171: if (objs[i] instanceof CertAttrSet)
172: ((CertAttrSet) objs[i]).encode(extOut);
173: else if (objs[i] instanceof Extension)
174: ((Extension) objs[i]).encode(extOut);
175: else
176: throw new CertificateException(
177: "Illegal extension object");
178: }
179:
180: DerOutputStream seq = new DerOutputStream();
181: seq.write(DerValue.tag_Sequence, extOut);
182:
183: DerOutputStream tmp;
184: if (!isCertReq) { // certificate
185: tmp = new DerOutputStream();
186: tmp.write(DerValue.createTag(DerValue.TAG_CONTEXT, true,
187: (byte) 3), seq);
188: } else
189: tmp = seq; // pkcs#10 certificateRequest
190:
191: out.write(tmp.toByteArray());
192: }
193:
194: /**
195: * Set the attribute value.
196: * @param name the extension name used in the cache.
197: * @param obj the object to set.
198: * @exception IOException if the object could not be cached.
199: */
200: public void set(String name, Object obj) throws IOException {
201: if (obj instanceof Extension)
202: map.put(name, obj);
203: else
204: throw new IOException("Unknown extension type.");
205: }
206:
207: /**
208: * Get the attribute value.
209: * @param name the extension name used in the lookup.
210: * @exception IOException if named extension is not found.
211: */
212: public Object get(String name) throws IOException {
213: Object obj = map.get(name);
214: if (obj == null) {
215: throw new IOException("No extension found with name "
216: + name);
217: }
218: return (obj);
219: }
220:
221: /**
222: * Delete the attribute value.
223: * @param name the extension name used in the lookup.
224: * @exception IOException if named extension is not found.
225: */
226: public void delete(String name) throws IOException {
227: Object obj = map.get(name);
228: if (obj == null) {
229: throw new IOException("No extension found with name "
230: + name);
231: }
232: map.remove(name);
233: }
234:
235: /**
236: * Return an enumeration of names of attributes existing within this
237: * attribute.
238: */
239: public Enumeration getElements() {
240: return (map.elements());
241: }
242:
243: /**
244: * Return a collection view of the extensions.
245: * @return a collection view of the extensions in this Certificate.
246: */
247: public Collection getAllExtensions() {
248: return (map.values());
249: }
250:
251: /**
252: * Return the name of this attribute.
253: */
254: public String getName() {
255: return (NAME);
256: }
257:
258: /**
259: * Return true if a critical extension is found that is
260: * not supported, otherwise return false.
261: */
262: public boolean hasUnsupportedCriticalExtension() {
263: return (unsupportedCritExt);
264: }
265:
266: /**
267: * Compares this CertificateExtensions for equality with the specified
268: * object. If the <code>other</code> object is an
269: * <code>instanceof</code> <code>CertificateExtensions</code>, then
270: * all the entries are compared with the entries from this.
271: *
272: * @param other the object to test for equality with this CertificateExtensions.
273: * @return true iff all the entries match that of the Other,
274: * false otherwise.
275: */
276: public boolean equals(Object other) {
277: if (this == other)
278: return true;
279: if (!(other instanceof CertificateExtensions))
280: return false;
281: Collection otherC = ((CertificateExtensions) other)
282: .getAllExtensions();
283: Object[] objs = otherC.toArray();
284:
285: int len = objs.length;
286: if (len != map.size())
287: return false;
288:
289: Extension otherExt, this Ext;
290: String key = null;
291: for (int i = 0; i < len; i++) {
292: if (objs[i] instanceof CertAttrSet)
293: key = ((CertAttrSet) objs[i]).getName();
294: otherExt = (Extension) objs[i];
295: if (key == null)
296: key = otherExt.getExtensionId().toString();
297: this Ext = (Extension) map.get(key);
298: if (this Ext == null)
299: return false;
300: if (!this Ext.equals(otherExt))
301: return false;
302: }
303: return true;
304: }
305:
306: /**
307: * Returns a hashcode value for this CertificateExtensions.
308: *
309: * @return the hashcode value.
310: */
311: public int hashCode() {
312: return map.hashCode();
313: }
314:
315: /**
316: * Returns a string representation of this <tt>CertificateExtensions</tt>
317: * object in the form of a set of entries, enclosed in braces and separated
318: * by the ASCII characters "<tt>, </tt>" (comma and space).
319: * <p>Overrides to <tt>toString</tt> method of <tt>Object</tt>.
320: *
321: * @return a string representation of this CertificateExtensions.
322: */
323: public String toString() {
324: return map.toString();
325: }
326: }
|