aboutsummaryrefslogtreecommitdiffstats
path: root/libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/x509/X509AttributeCertStoreSelector.java
diff options
context:
space:
mode:
Diffstat (limited to 'libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/x509/X509AttributeCertStoreSelector.java')
-rw-r--r--libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/x509/X509AttributeCertStoreSelector.java486
1 files changed, 0 insertions, 486 deletions
diff --git a/libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/x509/X509AttributeCertStoreSelector.java b/libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/x509/X509AttributeCertStoreSelector.java
deleted file mode 100644
index b47236d1b..000000000
--- a/libraries/spongycastle/prov/src/main/jdk1.3/org/spongycastle/x509/X509AttributeCertStoreSelector.java
+++ /dev/null
@@ -1,486 +0,0 @@
-package org.spongycastle.x509;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateNotYetValidException;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.spongycastle.asn1.ASN1InputStream;
-import org.spongycastle.asn1.ASN1Primitive;
-import org.spongycastle.asn1.DEROctetString;
-import org.spongycastle.asn1.x509.GeneralName;
-import org.spongycastle.asn1.x509.Target;
-import org.spongycastle.asn1.x509.TargetInformation;
-import org.spongycastle.asn1.x509.Targets;
-import org.spongycastle.asn1.x509.X509Extensions;
-import org.spongycastle.util.Selector;
-
-/**
- * This class is an <code>Selector</code> like implementation to select
- * attribute certificates from a given set of criteria.
- *
- * @see org.spongycastle.x509.X509AttributeCertificate
- * @see org.spongycastle.x509.X509Store
- */
-public class X509AttributeCertStoreSelector
- implements Selector
-{
-
- // TODO: name constraints???
-
- private AttributeCertificateHolder holder;
-
- private AttributeCertificateIssuer issuer;
-
- private BigInteger serialNumber;
-
- private Date attributeCertificateValid;
-
- private X509AttributeCertificate attributeCert;
-
- private Collection targetNames = new HashSet();
-
- private Collection targetGroups = new HashSet();
-
- public X509AttributeCertStoreSelector()
- {
- super();
- }
-
- /**
- * Decides if the given attribute certificate should be selected.
- *
- * @param obj The attribute certificate which should be checked.
- * @return <code>true</code> if the attribute certificate can be selected,
- * <code>false</code> otherwise.
- */
- public boolean match(Object obj)
- {
- if (!(obj instanceof X509AttributeCertificate))
- {
- return false;
- }
-
- X509AttributeCertificate attrCert = (X509AttributeCertificate) obj;
-
- if (this.attributeCert != null)
- {
- if (!this.attributeCert.equals(attrCert))
- {
- return false;
- }
- }
- if (serialNumber != null)
- {
- if (!attrCert.getSerialNumber().equals(serialNumber))
- {
- return false;
- }
- }
- if (holder != null)
- {
- if (!attrCert.getHolder().equals(holder))
- {
- return false;
- }
- }
- if (issuer != null)
- {
- if (!attrCert.getIssuer().equals(issuer))
- {
- return false;
- }
- }
-
- if (attributeCertificateValid != null)
- {
- try
- {
- attrCert.checkValidity(attributeCertificateValid);
- }
- catch (CertificateExpiredException e)
- {
- return false;
- }
- catch (CertificateNotYetValidException e)
- {
- return false;
- }
- }
- if (!targetNames.isEmpty() || !targetGroups.isEmpty())
- {
-
- byte[] targetInfoExt = attrCert
- .getExtensionValue(X509Extensions.TargetInformation.getId());
- if (targetInfoExt != null)
- {
- TargetInformation targetinfo;
- try
- {
- targetinfo = TargetInformation
- .getInstance(new ASN1InputStream(
- ((DEROctetString) DEROctetString
- .fromByteArray(targetInfoExt)).getOctets())
- .readObject());
- }
- catch (IOException e)
- {
- return false;
- }
- catch (IllegalArgumentException e)
- {
- return false;
- }
- Targets[] targetss = targetinfo.getTargetsObjects();
- if (!targetNames.isEmpty())
- {
- boolean found = false;
-
- for (int i=0; i<targetss.length; i++)
- {
- Targets t = targetss[i];
- Target[] targets = t.getTargets();
- for (int j=0; j<targets.length; j++)
- {
- if (targetNames.contains(targets[j]
- .getTargetName()))
- {
- found = true;
- break;
- }
- }
- }
- if (!found)
- {
- return false;
- }
- }
- if (!targetGroups.isEmpty())
- {
- boolean found = false;
-
- for (int i=0; i<targetss.length; i++)
- {
- Targets t = targetss[i];
- Target[] targets = t.getTargets();
- for (int j=0; j<targets.length; j++)
- {
- if (targetGroups.contains(targets[j]
- .getTargetGroup()))
- {
- found = true;
- break;
- }
- }
- }
- if (!found)
- {
- return false;
- }
- }
- }
- }
- return true;
- }
-
- /**
- * Returns a clone of this object.
- *
- * @return the clone.
- */
- public Object clone()
- {
- X509AttributeCertStoreSelector sel = new X509AttributeCertStoreSelector();
- sel.attributeCert = attributeCert;
- sel.attributeCertificateValid = getAttributeCertificateValid();
- sel.holder = holder;
- sel.issuer = issuer;
- sel.serialNumber = serialNumber;
- sel.targetGroups = getTargetGroups();
- sel.targetNames = getTargetNames();
- return sel;
- }
-
- /**
- * Returns the attribute certificate which must be matched.
- *
- * @return Returns the attribute certificate.
- */
- public X509AttributeCertificate getAttributeCert()
- {
- return attributeCert;
- }
-
- /**
- * Set the attribute certificate to be matched. If <code>null</code> is
- * given any will do.
- *
- * @param attributeCert The attribute certificate to set.
- */
- public void setAttributeCert(X509AttributeCertificate attributeCert)
- {
- this.attributeCert = attributeCert;
- }
-
- /**
- * Get the criteria for the validity.
- *
- * @return Returns the attributeCertificateValid.
- */
- public Date getAttributeCertificateValid()
- {
- if (attributeCertificateValid != null)
- {
- return new Date(attributeCertificateValid.getTime());
- }
-
- return null;
- }
-
- /**
- * Set the time, when the certificate must be valid. If <code>null</code>
- * is given any will do.
- *
- * @param attributeCertificateValid The attribute certificate validation
- * time to set.
- */
- public void setAttributeCertificateValid(Date attributeCertificateValid)
- {
- if (attributeCertificateValid != null)
- {
- this.attributeCertificateValid = new Date(attributeCertificateValid
- .getTime());
- }
- else
- {
- this.attributeCertificateValid = null;
- }
- }
-
- /**
- * Gets the holder.
- *
- * @return Returns the holder.
- */
- public AttributeCertificateHolder getHolder()
- {
- return holder;
- }
-
- /**
- * Sets the holder. If <code>null</code> is given any will do.
- *
- * @param holder The holder to set.
- */
- public void setHolder(AttributeCertificateHolder holder)
- {
- this.holder = holder;
- }
-
- /**
- * Returns the issuer criterion.
- *
- * @return Returns the issuer.
- */
- public AttributeCertificateIssuer getIssuer()
- {
- return issuer;
- }
-
- /**
- * Sets the issuer the attribute certificate must have. If <code>null</code>
- * is given any will do.
- *
- * @param issuer The issuer to set.
- */
- public void setIssuer(AttributeCertificateIssuer issuer)
- {
- this.issuer = issuer;
- }
-
- /**
- * Gets the serial number the attribute certificate must have.
- *
- * @return Returns the serialNumber.
- */
- public BigInteger getSerialNumber()
- {
- return serialNumber;
- }
-
- /**
- * Sets the serial number the attribute certificate must have. If
- * <code>null</code> is given any will do.
- *
- * @param serialNumber The serialNumber to set.
- */
- public void setSerialNumber(BigInteger serialNumber)
- {
- this.serialNumber = serialNumber;
- }
-
- /**
- * Adds a target name criterion for the attribute certificate to the target
- * information extension criteria. The <code>X509AttributeCertificate</code>
- * must contain at least one of the specified target names.
- * <p>
- * Each attribute certificate may contain a target information extension
- * limiting the servers where this attribute certificate can be used. If
- * this extension is not present, the attribute certificate is not targeted
- * and may be accepted by any server.
- *
- * @param name The name as a GeneralName (not <code>null</code>)
- */
- public void addTargetName(GeneralName name)
- {
- targetNames.add(name);
- }
-
- /**
- * Adds a target name criterion for the attribute certificate to the target
- * information extension criteria. The <code>X509AttributeCertificate</code>
- * must contain at least one of the specified target names.
- * <p>
- * Each attribute certificate may contain a target information extension
- * limiting the servers where this attribute certificate can be used. If
- * this extension is not present, the attribute certificate is not targeted
- * and may be accepted by any server.
- *
- * @param name a byte array containing the name in ASN.1 DER encoded form of a GeneralName
- * @throws IOException if a parsing error occurs.
- */
- public void addTargetName(byte[] name) throws IOException
- {
- addTargetName(GeneralName.getInstance(ASN1Primitive.fromByteArray(name)));
- }
-
- /**
- * Adds a collection with target names criteria. If <code>null</code> is
- * given any will do.
- * <p>
- * The collection consists of either GeneralName objects or byte[] arrays representing
- * DER encoded GeneralName structures.
- *
- * @param names A collection of target names.
- * @throws IOException if a parsing error occurs.
- * @see #addTargetName(byte[])
- * @see #addTargetName(GeneralName)
- */
- public void setTargetNames(Collection names) throws IOException
- {
- targetNames = extractGeneralNames(names);
- }
-
- /**
- * Gets the target names. The collection consists of <code>List</code>s
- * made up of an <code>Integer</code> in the first entry and a DER encoded
- * byte array or a <code>String</code> in the second entry.
- * <p>
- * The returned collection is immutable.
- *
- * @return The collection of target names
- * @see #setTargetNames(Collection)
- */
- public Collection getTargetNames()
- {
- return Collections.unmodifiableCollection(targetNames);
- }
-
- /**
- * Adds a target group criterion for the attribute certificate to the target
- * information extension criteria. The <code>X509AttributeCertificate</code>
- * must contain at least one of the specified target groups.
- * <p>
- * Each attribute certificate may contain a target information extension
- * limiting the servers where this attribute certificate can be used. If
- * this extension is not present, the attribute certificate is not targeted
- * and may be accepted by any server.
- *
- * @param group The group as GeneralName form (not <code>null</code>)
- */
- public void addTargetGroup(GeneralName group)
- {
- targetGroups.add(group);
- }
-
- /**
- * Adds a target group criterion for the attribute certificate to the target
- * information extension criteria. The <code>X509AttributeCertificate</code>
- * must contain at least one of the specified target groups.
- * <p>
- * Each attribute certificate may contain a target information extension
- * limiting the servers where this attribute certificate can be used. If
- * this extension is not present, the attribute certificate is not targeted
- * and may be accepted by any server.
- *
- * @param name a byte array containing the group in ASN.1 DER encoded form of a GeneralName
- * @throws IOException if a parsing error occurs.
- */
- public void addTargetGroup(byte[] name) throws IOException
- {
- addTargetGroup(GeneralName.getInstance(ASN1Primitive.fromByteArray(name)));
- }
-
- /**
- * Adds a collection with target groups criteria. If <code>null</code> is
- * given any will do.
- * <p>
- * The collection consists of <code>GeneralName</code> objects or <code>byte[]</code representing DER
- * encoded GeneralNames.
- *
- * @param names A collection of target groups.
- * @throws IOException if a parsing error occurs.
- * @see #addTargetGroup(byte[])
- * @see #addTargetGroup(GeneralName)
- */
- public void setTargetGroups(Collection names) throws IOException
- {
- targetGroups = extractGeneralNames(names);
- }
-
-
-
- /**
- * Gets the target groups. The collection consists of <code>List</code>s
- * made up of an <code>Integer</code> in the first entry and a DER encoded
- * byte array or a <code>String</code> in the second entry.
- * <p>
- * The returned collection is immutable.
- *
- * @return The collection of target groups.
- * @see #setTargetGroups(Collection)
- */
- public Collection getTargetGroups()
- {
- return Collections.unmodifiableCollection(targetGroups);
- }
-
- private Set extractGeneralNames(Collection names)
- throws IOException
- {
- if (names == null || names.isEmpty())
- {
- return new HashSet();
- }
- Set temp = new HashSet();
- for (Iterator it = names.iterator(); it.hasNext();)
- {
- Object o = it.next();
- if (o instanceof GeneralName)
- {
- temp.add(o);
- }
- else
- {
- temp.add(GeneralName.getInstance(ASN1Primitive.fromByteArray((byte[])o)));
- }
- }
- return temp;
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 14:20:41 +0000