001package org.apache.commons.ssl.org.bouncycastle.asn1.x509;
002
003import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Boolean;
004import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1EncodableVector;
005import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object;
006import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive;
007import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence;
008import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject;
009import org.apache.commons.ssl.org.bouncycastle.asn1.DERSequence;
010import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
011
012/**
013 * <pre>
014 * IssuingDistributionPoint ::= SEQUENCE { 
015 *   distributionPoint          [0] DistributionPointName OPTIONAL, 
016 *   onlyContainsUserCerts      [1] BOOLEAN DEFAULT FALSE, 
017 *   onlyContainsCACerts        [2] BOOLEAN DEFAULT FALSE, 
018 *   onlySomeReasons            [3] ReasonFlags OPTIONAL, 
019 *   indirectCRL                [4] BOOLEAN DEFAULT FALSE,
020 *   onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE }
021 * </pre>
022 */
023public class IssuingDistributionPoint
024    extends ASN1Object
025{
026    private DistributionPointName distributionPoint;
027
028    private boolean onlyContainsUserCerts;
029
030    private boolean onlyContainsCACerts;
031
032    private ReasonFlags onlySomeReasons;
033
034    private boolean indirectCRL;
035
036    private boolean onlyContainsAttributeCerts;
037
038    private ASN1Sequence seq;
039
040    public static IssuingDistributionPoint getInstance(
041        ASN1TaggedObject obj,
042        boolean explicit)
043    {
044        return getInstance(ASN1Sequence.getInstance(obj, explicit));
045    }
046
047    public static IssuingDistributionPoint getInstance(
048        Object obj)
049    {
050        if (obj instanceof IssuingDistributionPoint)
051        {
052            return (IssuingDistributionPoint)obj;
053        }
054        else if (obj != null)
055        {
056            return new IssuingDistributionPoint(ASN1Sequence.getInstance(obj));
057        }
058
059        return null;
060    }
061
062    /**
063     * Constructor from given details.
064     * 
065     * @param distributionPoint
066     *            May contain an URI as pointer to most current CRL.
067     * @param onlyContainsUserCerts Covers revocation information for end certificates.
068     * @param onlyContainsCACerts Covers revocation information for CA certificates.
069     * 
070     * @param onlySomeReasons
071     *            Which revocation reasons does this point cover.
072     * @param indirectCRL
073     *            If <code>true</code> then the CRL contains revocation
074     *            information about certificates ssued by other CAs.
075     * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates.
076     */
077    public IssuingDistributionPoint(
078        DistributionPointName distributionPoint,
079        boolean onlyContainsUserCerts,
080        boolean onlyContainsCACerts,
081        ReasonFlags onlySomeReasons,
082        boolean indirectCRL,
083        boolean onlyContainsAttributeCerts)
084    {
085        this.distributionPoint = distributionPoint;
086        this.indirectCRL = indirectCRL;
087        this.onlyContainsAttributeCerts = onlyContainsAttributeCerts;
088        this.onlyContainsCACerts = onlyContainsCACerts;
089        this.onlyContainsUserCerts = onlyContainsUserCerts;
090        this.onlySomeReasons = onlySomeReasons;
091
092        ASN1EncodableVector vec = new ASN1EncodableVector();
093        if (distributionPoint != null)
094        {                                    // CHOICE item so explicitly tagged
095            vec.add(new DERTaggedObject(true, 0, distributionPoint));
096        }
097        if (onlyContainsUserCerts)
098        {
099            vec.add(new DERTaggedObject(false, 1, ASN1Boolean.getInstance(true)));
100        }
101        if (onlyContainsCACerts)
102        {
103            vec.add(new DERTaggedObject(false, 2, ASN1Boolean.getInstance(true)));
104        }
105        if (onlySomeReasons != null)
106        {
107            vec.add(new DERTaggedObject(false, 3, onlySomeReasons));
108        }
109        if (indirectCRL)
110        {
111            vec.add(new DERTaggedObject(false, 4, ASN1Boolean.getInstance(true)));
112        }
113        if (onlyContainsAttributeCerts)
114        {
115            vec.add(new DERTaggedObject(false, 5, ASN1Boolean.getInstance(true)));
116        }
117
118        seq = new DERSequence(vec);
119    }
120
121    /**
122     * Shorthand Constructor from given details.
123     *
124     * @param distributionPoint
125     *            May contain an URI as pointer to most current CRL.
126     * @param indirectCRL
127     *            If <code>true</code> then the CRL contains revocation
128     *            information about certificates ssued by other CAs.
129     * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates.
130     */
131    public IssuingDistributionPoint(
132        DistributionPointName distributionPoint,
133        boolean indirectCRL,
134        boolean onlyContainsAttributeCerts)
135    {
136        this(distributionPoint, false, false, null, indirectCRL, onlyContainsAttributeCerts);
137    }
138
139    /**
140     * Constructor from ASN1Sequence
141     */
142    private IssuingDistributionPoint(
143        ASN1Sequence seq)
144    {
145        this.seq = seq;
146
147        for (int i = 0; i != seq.size(); i++)
148        {
149            ASN1TaggedObject o = ASN1TaggedObject.getInstance(seq.getObjectAt(i));
150
151            switch (o.getTagNo())
152            {
153            case 0:
154                                                    // CHOICE so explicit
155                distributionPoint = DistributionPointName.getInstance(o, true);
156                break;
157            case 1:
158                onlyContainsUserCerts = ASN1Boolean.getInstance(o, false).isTrue();
159                break;
160            case 2:
161                onlyContainsCACerts = ASN1Boolean.getInstance(o, false).isTrue();
162                break;
163            case 3:
164                onlySomeReasons = new ReasonFlags(ReasonFlags.getInstance(o, false));
165                break;
166            case 4:
167                indirectCRL = ASN1Boolean.getInstance(o, false).isTrue();
168                break;
169            case 5:
170                onlyContainsAttributeCerts = ASN1Boolean.getInstance(o, false).isTrue();
171                break;
172            default:
173                throw new IllegalArgumentException(
174                        "unknown tag in IssuingDistributionPoint");
175            }
176        }
177    }
178
179    public boolean onlyContainsUserCerts()
180    {
181        return onlyContainsUserCerts;
182    }
183
184    public boolean onlyContainsCACerts()
185    {
186        return onlyContainsCACerts;
187    }
188
189    public boolean isIndirectCRL()
190    {
191        return indirectCRL;
192    }
193
194    public boolean onlyContainsAttributeCerts()
195    {
196        return onlyContainsAttributeCerts;
197    }
198
199    /**
200     * @return Returns the distributionPoint.
201     */
202    public DistributionPointName getDistributionPoint()
203    {
204        return distributionPoint;
205    }
206
207    /**
208     * @return Returns the onlySomeReasons.
209     */
210    public ReasonFlags getOnlySomeReasons()
211    {
212        return onlySomeReasons;
213    }
214
215    public ASN1Primitive toASN1Primitive()
216    {
217        return seq;
218    }
219
220    public String toString()
221    {
222        String       sep = System.getProperty("line.separator");
223        StringBuffer buf = new StringBuffer();
224
225        buf.append("IssuingDistributionPoint: [");
226        buf.append(sep);
227        if (distributionPoint != null)
228        {
229            appendObject(buf, sep, "distributionPoint", distributionPoint.toString());
230        }
231        if (onlyContainsUserCerts)
232        {
233            appendObject(buf, sep, "onlyContainsUserCerts", booleanToString(onlyContainsUserCerts));
234        }
235        if (onlyContainsCACerts)
236        {
237            appendObject(buf, sep, "onlyContainsCACerts", booleanToString(onlyContainsCACerts));
238        }
239        if (onlySomeReasons != null)
240        {
241            appendObject(buf, sep, "onlySomeReasons", onlySomeReasons.toString());
242        }
243        if (onlyContainsAttributeCerts)
244        {
245            appendObject(buf, sep, "onlyContainsAttributeCerts", booleanToString(onlyContainsAttributeCerts));
246        }
247        if (indirectCRL)
248        {
249            appendObject(buf, sep, "indirectCRL", booleanToString(indirectCRL));
250        }
251        buf.append("]");
252        buf.append(sep);
253        return buf.toString();
254    }
255
256    private void appendObject(StringBuffer buf, String sep, String name, String value)
257    {
258        String       indent = "    ";
259
260        buf.append(indent);
261        buf.append(name);
262        buf.append(":");
263        buf.append(sep);
264        buf.append(indent);
265        buf.append(indent);
266        buf.append(value);
267        buf.append(sep);
268    }
269
270    private String booleanToString(boolean value)
271    {
272        return value ? "true" : "false";
273    }
274}