001package org.apache.commons.ssl.org.bouncycastle.asn1.x509;
002
003import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1EncodableVector;
004import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object;
005import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive;
006import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence;
007import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject;
008import org.apache.commons.ssl.org.bouncycastle.asn1.DERSequence;
009import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
010
011/**
012 * The Holder object.
013 * <p>
014 * For an v2 attribute certificate this is:
015 * 
016 * <pre>
017 *            Holder ::= SEQUENCE {
018 *                  baseCertificateID   [0] IssuerSerial OPTIONAL,
019 *                           -- the issuer and serial number of
020 *                           -- the holder's Public Key Certificate
021 *                  entityName          [1] GeneralNames OPTIONAL,
022 *                           -- the name of the claimant or role
023 *                  objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
024 *                           -- used to directly authenticate the holder,
025 *                           -- for example, an executable
026 *            }
027 * </pre>
028 * 
029 * <p>
030 * For an v1 attribute certificate this is:
031 * 
032 * <pre>
033 *         subject CHOICE {
034 *          baseCertificateID [0] EXPLICIT IssuerSerial,
035 *          -- associated with a Public Key Certificate
036 *          subjectName [1] EXPLICIT GeneralNames },
037 *          -- associated with a name
038 * </pre>
039 */
040public class Holder
041    extends ASN1Object
042{
043    public static final int V1_CERTIFICATE_HOLDER = 0;
044    public static final int V2_CERTIFICATE_HOLDER = 1;
045
046    IssuerSerial baseCertificateID;
047
048    GeneralNames entityName;
049
050    ObjectDigestInfo objectDigestInfo;
051
052    private int version = V2_CERTIFICATE_HOLDER;
053
054    public static Holder getInstance(Object obj)
055    {
056        if (obj instanceof Holder)
057        {
058            return (Holder)obj;
059        }
060        else if (obj instanceof ASN1TaggedObject)
061        {
062            return new Holder(ASN1TaggedObject.getInstance(obj));
063        }
064        else if (obj != null)
065        {
066            return new Holder(ASN1Sequence.getInstance(obj));
067        }
068
069        return null;
070    }
071
072    /**
073     * Constructor for a holder for an V1 attribute certificate.
074     * 
075     * @param tagObj The ASN.1 tagged holder object.
076     */
077    private Holder(ASN1TaggedObject tagObj)
078    {
079        switch (tagObj.getTagNo())
080        {
081        case 0:
082            baseCertificateID = IssuerSerial.getInstance(tagObj, true);
083            break;
084        case 1:
085            entityName = GeneralNames.getInstance(tagObj, true);
086            break;
087        default:
088            throw new IllegalArgumentException("unknown tag in Holder");
089        }
090        version = 0;
091    }
092
093    /**
094     * Constructor for a holder for an V2 attribute certificate.
095     * 
096     * @param seq The ASN.1 sequence.
097     */
098    private Holder(ASN1Sequence seq)
099    {
100        if (seq.size() > 3)
101        {
102            throw new IllegalArgumentException("Bad sequence size: "
103                + seq.size());
104        }
105
106        for (int i = 0; i != seq.size(); i++)
107        {
108            ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(seq
109                .getObjectAt(i));
110
111            switch (tObj.getTagNo())
112            {
113            case 0:
114                baseCertificateID = IssuerSerial.getInstance(tObj, false);
115                break;
116            case 1:
117                entityName = GeneralNames.getInstance(tObj, false);
118                break;
119            case 2:
120                objectDigestInfo = ObjectDigestInfo.getInstance(tObj, false);
121                break;
122            default:
123                throw new IllegalArgumentException("unknown tag in Holder");
124            }
125        }
126        version = 1;
127    }
128
129    public Holder(IssuerSerial baseCertificateID)
130    {
131        this(baseCertificateID, V2_CERTIFICATE_HOLDER);
132    }
133
134    /**
135     * Constructs a holder from a IssuerSerial for a V1 or V2 certificate.
136     * .
137     * @param baseCertificateID The IssuerSerial.
138     * @param version The version of the attribute certificate. 
139     */
140    public Holder(IssuerSerial baseCertificateID, int version)
141    {
142        this.baseCertificateID = baseCertificateID;
143        this.version = version;
144    }
145    
146    /**
147     * Returns 1 for V2 attribute certificates or 0 for V1 attribute
148     * certificates. 
149     * @return The version of the attribute certificate.
150     */
151    public int getVersion()
152    {
153        return version;
154    }
155
156    /**
157     * Constructs a holder with an entityName for V2 attribute certificates.
158     * 
159     * @param entityName The entity or subject name.
160     */
161    public Holder(GeneralNames entityName)
162    {
163        this(entityName, V2_CERTIFICATE_HOLDER);
164    }
165
166    /**
167     * Constructs a holder with an entityName for V2 attribute certificates or
168     * with a subjectName for V1 attribute certificates.
169     * 
170     * @param entityName The entity or subject name.
171     * @param version The version of the attribute certificate. 
172     */
173    public Holder(GeneralNames entityName, int version)
174    {
175        this.entityName = entityName;
176        this.version = version;
177    }
178    
179    /**
180     * Constructs a holder from an object digest info.
181     * 
182     * @param objectDigestInfo The object digest info object.
183     */
184    public Holder(ObjectDigestInfo objectDigestInfo)
185    {
186        this.objectDigestInfo = objectDigestInfo;
187    }
188
189    public IssuerSerial getBaseCertificateID()
190    {
191        return baseCertificateID;
192    }
193
194    /**
195     * Returns the entityName for an V2 attribute certificate or the subjectName
196     * for an V1 attribute certificate.
197     * 
198     * @return The entityname or subjectname.
199     */
200    public GeneralNames getEntityName()
201    {
202        return entityName;
203    }
204
205    public ObjectDigestInfo getObjectDigestInfo()
206    {
207        return objectDigestInfo;
208    }
209
210    public ASN1Primitive toASN1Primitive()
211    {
212        if (version == 1)
213        {
214            ASN1EncodableVector v = new ASN1EncodableVector();
215
216            if (baseCertificateID != null)
217            {
218                v.add(new DERTaggedObject(false, 0, baseCertificateID));
219            }
220
221            if (entityName != null)
222            {
223                v.add(new DERTaggedObject(false, 1, entityName));
224            }
225
226            if (objectDigestInfo != null)
227            {
228                v.add(new DERTaggedObject(false, 2, objectDigestInfo));
229            }
230
231            return new DERSequence(v);
232        }
233        else
234        {
235            if (entityName != null)
236            {
237                return new DERTaggedObject(true, 1, entityName);
238            }
239            else
240            {
241                return new DERTaggedObject(true, 0, baseCertificateID);
242            }
243        }
244    }
245}