package org.bouncycastle.asn1.x509;

import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERBoolean;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;

public class X509Extensions
    extends ASN1Encodable
{
    
Subject Directory Attributes
Deprecated:use X509Extension value.
/** * Subject Directory Attributes * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier SubjectDirectoryAttributes = new ASN1ObjectIdentifier("2.5.29.9");
Subject Key Identifier @deprecated use X509Extension value.
/** * Subject Key Identifier * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier SubjectKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.14");
Key Usage @deprecated use X509Extension value.
/** * Key Usage * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier KeyUsage = new ASN1ObjectIdentifier("2.5.29.15");
Private Key Usage Period @deprecated use X509Extension value.
/** * Private Key Usage Period * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier PrivateKeyUsagePeriod = new ASN1ObjectIdentifier("2.5.29.16");
Subject Alternative Name @deprecated use X509Extension value.
/** * Subject Alternative Name * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier SubjectAlternativeName = new ASN1ObjectIdentifier("2.5.29.17");
Issuer Alternative Name @deprecated use X509Extension value.
/** * Issuer Alternative Name * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier IssuerAlternativeName = new ASN1ObjectIdentifier("2.5.29.18");
Basic Constraints @deprecated use X509Extension value.
/** * Basic Constraints * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier BasicConstraints = new ASN1ObjectIdentifier("2.5.29.19");
CRL Number @deprecated use X509Extension value.
/** * CRL Number * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier CRLNumber = new ASN1ObjectIdentifier("2.5.29.20");
Reason code @deprecated use X509Extension value.
/** * Reason code * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier ReasonCode = new ASN1ObjectIdentifier("2.5.29.21");
Hold Instruction Code @deprecated use X509Extension value.
/** * Hold Instruction Code * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier InstructionCode = new ASN1ObjectIdentifier("2.5.29.23");
Invalidity Date @deprecated use X509Extension value.
/** * Invalidity Date * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier InvalidityDate = new ASN1ObjectIdentifier("2.5.29.24");
Delta CRL indicator @deprecated use X509Extension value.
/** * Delta CRL indicator * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier DeltaCRLIndicator = new ASN1ObjectIdentifier("2.5.29.27");
Issuing Distribution Point @deprecated use X509Extension value.
/** * Issuing Distribution Point * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier IssuingDistributionPoint = new ASN1ObjectIdentifier("2.5.29.28");
Certificate Issuer @deprecated use X509Extension value.
/** * Certificate Issuer * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier CertificateIssuer = new ASN1ObjectIdentifier("2.5.29.29");
Name Constraints @deprecated use X509Extension value.
/** * Name Constraints * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier NameConstraints = new ASN1ObjectIdentifier("2.5.29.30");
CRL Distribution Points @deprecated use X509Extension value.
/** * CRL Distribution Points * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier CRLDistributionPoints = new ASN1ObjectIdentifier("2.5.29.31");
Certificate Policies @deprecated use X509Extension value.
/** * Certificate Policies * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier CertificatePolicies = new ASN1ObjectIdentifier("2.5.29.32");
Policy Mappings @deprecated use X509Extension value.
/** * Policy Mappings * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier PolicyMappings = new ASN1ObjectIdentifier("2.5.29.33");
Authority Key Identifier @deprecated use X509Extension value.
/** * Authority Key Identifier * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier AuthorityKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.35");
Policy Constraints @deprecated use X509Extension value.
/** * Policy Constraints * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier PolicyConstraints = new ASN1ObjectIdentifier("2.5.29.36");
Extended Key Usage @deprecated use X509Extension value.
/** * Extended Key Usage * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier ExtendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37");
Freshest CRL @deprecated use X509Extension value.
/** * Freshest CRL * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier FreshestCRL = new ASN1ObjectIdentifier("2.5.29.46");
Inhibit Any Policy @deprecated use X509Extension value.
/** * Inhibit Any Policy * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier InhibitAnyPolicy = new ASN1ObjectIdentifier("2.5.29.54");
Authority Info Access @deprecated use X509Extension value.
/** * Authority Info Access * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier AuthorityInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.1");
Subject Info Access @deprecated use X509Extension value.
/** * Subject Info Access * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier SubjectInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.11");
Logo Type @deprecated use X509Extension value.
/** * Logo Type * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier LogoType = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.12");
BiometricInfo @deprecated use X509Extension value.
/** * BiometricInfo * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier BiometricInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.2");
QCStatements @deprecated use X509Extension value.
/** * QCStatements * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier QCStatements = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.3");
Audit identity extension in attribute certificates. @deprecated use X509Extension value.
/** * Audit identity extension in attribute certificates. * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier AuditIdentity = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.4");
NoRevAvail extension in attribute certificates. @deprecated use X509Extension value.
/** * NoRevAvail extension in attribute certificates. * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier NoRevAvail = new ASN1ObjectIdentifier("2.5.29.56");
TargetInformation extension in attribute certificates. @deprecated use X509Extension value.
/** * TargetInformation extension in attribute certificates. * @deprecated use X509Extension value. */
public static final ASN1ObjectIdentifier TargetInformation = new ASN1ObjectIdentifier("2.5.29.55"); private Hashtable extensions = new Hashtable(); private Vector ordering = new Vector(); public static X509Extensions getInstance( ASN1TaggedObject obj, boolean explicit) { return getInstance(ASN1Sequence.getInstance(obj, explicit)); } public static X509Extensions getInstance( Object obj) { if (obj == null || obj instanceof X509Extensions) { return (X509Extensions)obj; } if (obj instanceof ASN1Sequence) { return new X509Extensions((ASN1Sequence)obj); } if (obj instanceof ASN1TaggedObject) { return getInstance(((ASN1TaggedObject)obj).getObject()); } throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); }
Constructor from ASN1Sequence. the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString)
/** * Constructor from ASN1Sequence. * * the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString) */
public X509Extensions( ASN1Sequence seq) { Enumeration e = seq.getObjects(); while (e.hasMoreElements()) { ASN1Sequence s = ASN1Sequence.getInstance(e.nextElement()); if (s.size() == 3) { extensions.put(s.getObjectAt(0), new X509Extension(DERBoolean.getInstance(s.getObjectAt(1)), ASN1OctetString.getInstance(s.getObjectAt(2)))); } else if (s.size() == 2) { extensions.put(s.getObjectAt(0), new X509Extension(false, ASN1OctetString.getInstance(s.getObjectAt(1)))); } else { throw new IllegalArgumentException("Bad sequence size: " + s.size()); } ordering.addElement(s.getObjectAt(0)); } }
constructor from a table of extensions.

it's is assumed the table contains OID/String pairs.

/** * constructor from a table of extensions. * <p> * it's is assumed the table contains OID/String pairs. */
public X509Extensions( Hashtable extensions) { this(null, extensions); }
Constructor from a table of extensions with ordering.

It's is assumed the table contains OID/String pairs.

/** * Constructor from a table of extensions with ordering. * <p> * It's is assumed the table contains OID/String pairs. */
public X509Extensions( Vector ordering, Hashtable extensions) { Enumeration e; if (ordering == null) { e = extensions.keys(); } else { e = ordering.elements(); } while (e.hasMoreElements()) { this.ordering.addElement(new ASN1ObjectIdentifier(((DERObjectIdentifier)e.nextElement()).getId())); } e = this.ordering.elements(); while (e.hasMoreElements()) { ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(((DERObjectIdentifier)e.nextElement()).getId()); X509Extension ext = (X509Extension)extensions.get(oid); this.extensions.put(oid, ext); } }
Constructor from two vectors
Params:
  • objectIDs – a vector of the object identifiers.
  • values – a vector of the extension values.
/** * Constructor from two vectors * * @param objectIDs a vector of the object identifiers. * @param values a vector of the extension values. */
public X509Extensions( Vector objectIDs, Vector values) { Enumeration e = objectIDs.elements(); while (e.hasMoreElements()) { this.ordering.addElement(e.nextElement()); } int count = 0; e = this.ordering.elements(); while (e.hasMoreElements()) { ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); X509Extension ext = (X509Extension)values.elementAt(count); this.extensions.put(oid, ext); count++; } }
return an Enumeration of the extension field's object ids.
/** * return an Enumeration of the extension field's object ids. */
public Enumeration oids() { return ordering.elements(); }
return the extension represented by the object identifier passed in.
Returns:the extension if it's present, null otherwise.
/** * return the extension represented by the object identifier * passed in. * * @return the extension if it's present, null otherwise. */
public X509Extension getExtension( ASN1ObjectIdentifier oid) { return (X509Extension)extensions.get(oid); }
Params:
  • oid –
Deprecated:
Returns:
/** * @deprecated * @param oid * @return */
public X509Extension getExtension( DERObjectIdentifier oid) { return (X509Extension)extensions.get(oid); }
    Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
    Extension         ::=   SEQUENCE {
       extnId            EXTENSION.&id ({ExtensionSet}),
       critical          BOOLEAN DEFAULT FALSE,
       extnValue         OCTET STRING }
/** * <pre> * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension * * Extension ::= SEQUENCE { * extnId EXTENSION.&amp;id ({ExtensionSet}), * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING } * </pre> */
public DERObject toASN1Object() { ASN1EncodableVector vec = new ASN1EncodableVector(); Enumeration e = ordering.elements(); while (e.hasMoreElements()) { ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); X509Extension ext = (X509Extension)extensions.get(oid); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(oid); if (ext.isCritical()) { v.add(new DERBoolean(true)); } v.add(ext.getValue()); vec.add(new DERSequence(v)); } return new DERSequence(vec); } public boolean equivalent( X509Extensions other) { if (extensions.size() != other.extensions.size()) { return false; } Enumeration e1 = extensions.keys(); while (e1.hasMoreElements()) { Object key = e1.nextElement(); if (!extensions.get(key).equals(other.extensions.get(key))) { return false; } } return true; } public ASN1ObjectIdentifier[] getExtensionOIDs() { return toOidArray(ordering); } public ASN1ObjectIdentifier[] getNonCriticalExtensionOIDs() { return getExtensionOIDs(false); } public ASN1ObjectIdentifier[] getCriticalExtensionOIDs() { return getExtensionOIDs(true); } private ASN1ObjectIdentifier[] getExtensionOIDs(boolean isCritical) { Vector oidVec = new Vector(); for (int i = 0; i != ordering.size(); i++) { Object oid = ordering.elementAt(i); if (((X509Extension)extensions.get(oid)).isCritical() == isCritical) { oidVec.addElement(oid); } } return toOidArray(oidVec); } private ASN1ObjectIdentifier[] toOidArray(Vector oidVec) { ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[oidVec.size()]; for (int i = 0; i != oids.length; i++) { oids[i] = (ASN1ObjectIdentifier)oidVec.elementAt(i); } return oids; } }