package org.bouncycastle.asn1.x509;

import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;

The Holder object.

For an v2 attribute certificate this is:

           Holder ::= SEQUENCE {
                 baseCertificateID   [0] IssuerSerial OPTIONAL,
                          -- the issuer and serial number of
                          -- the holder's Public Key Certificate
                 entityName          [1] GeneralNames OPTIONAL,
                          -- the name of the claimant or role
                 objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
                          -- used to directly authenticate the holder,
                          -- for example, an executable
           }

For an v1 attribute certificate this is:

        subject CHOICE {
         baseCertificateID [0] EXPLICIT IssuerSerial,
         -- associated with a Public Key Certificate
         subjectName [1] EXPLICIT GeneralNames },
         -- associated with a name
/** * The Holder object. * <p> * For an v2 attribute certificate this is: * * <pre> * Holder ::= SEQUENCE { * baseCertificateID [0] IssuerSerial OPTIONAL, * -- the issuer and serial number of * -- the holder's Public Key Certificate * entityName [1] GeneralNames OPTIONAL, * -- the name of the claimant or role * objectDigestInfo [2] ObjectDigestInfo OPTIONAL * -- used to directly authenticate the holder, * -- for example, an executable * } * </pre> * * <p> * For an v1 attribute certificate this is: * * <pre> * subject CHOICE { * baseCertificateID [0] EXPLICIT IssuerSerial, * -- associated with a Public Key Certificate * subjectName [1] EXPLICIT GeneralNames }, * -- associated with a name * </pre> */
public class Holder extends ASN1Object { public static final int V1_CERTIFICATE_HOLDER = 0; public static final int V2_CERTIFICATE_HOLDER = 1; IssuerSerial baseCertificateID; GeneralNames entityName; ObjectDigestInfo objectDigestInfo; private int version = V2_CERTIFICATE_HOLDER; public static Holder getInstance(Object obj) { if (obj instanceof Holder) { return (Holder)obj; } else if (obj instanceof ASN1TaggedObject) { return new Holder(ASN1TaggedObject.getInstance(obj)); } else if (obj != null) { return new Holder(ASN1Sequence.getInstance(obj)); } return null; }
Constructor for a holder for an V1 attribute certificate.
Params:
  • tagObj – The ASN.1 tagged holder object.
/** * Constructor for a holder for an V1 attribute certificate. * * @param tagObj The ASN.1 tagged holder object. */
private Holder(ASN1TaggedObject tagObj) { switch (tagObj.getTagNo()) { case 0: baseCertificateID = IssuerSerial.getInstance(tagObj, true); break; case 1: entityName = GeneralNames.getInstance(tagObj, true); break; default: throw new IllegalArgumentException("unknown tag in Holder"); } version = 0; }
Constructor for a holder for an V2 attribute certificate.
Params:
  • seq – The ASN.1 sequence.
/** * Constructor for a holder for an V2 attribute certificate. * * @param seq The ASN.1 sequence. */
private Holder(ASN1Sequence seq) { if (seq.size() > 3) { throw new IllegalArgumentException("Bad sequence size: " + seq.size()); } for (int i = 0; i != seq.size(); i++) { ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(seq .getObjectAt(i)); switch (tObj.getTagNo()) { case 0: baseCertificateID = IssuerSerial.getInstance(tObj, false); break; case 1: entityName = GeneralNames.getInstance(tObj, false); break; case 2: objectDigestInfo = ObjectDigestInfo.getInstance(tObj, false); break; default: throw new IllegalArgumentException("unknown tag in Holder"); } } version = 1; } public Holder(IssuerSerial baseCertificateID) { this(baseCertificateID, V2_CERTIFICATE_HOLDER); }
Constructs a holder from a IssuerSerial for a V1 or V2 certificate. .
Params:
  • baseCertificateID – The IssuerSerial.
  • version – The version of the attribute certificate.
/** * Constructs a holder from a IssuerSerial for a V1 or V2 certificate. * . * @param baseCertificateID The IssuerSerial. * @param version The version of the attribute certificate. */
public Holder(IssuerSerial baseCertificateID, int version) { this.baseCertificateID = baseCertificateID; this.version = version; }
Returns 1 for V2 attribute certificates or 0 for V1 attribute certificates.
Returns:The version of the attribute certificate.
/** * Returns 1 for V2 attribute certificates or 0 for V1 attribute * certificates. * @return The version of the attribute certificate. */
public int getVersion() { return version; }
Constructs a holder with an entityName for V2 attribute certificates.
Params:
  • entityName – The entity or subject name.
/** * Constructs a holder with an entityName for V2 attribute certificates. * * @param entityName The entity or subject name. */
public Holder(GeneralNames entityName) { this(entityName, V2_CERTIFICATE_HOLDER); }
Constructs a holder with an entityName for V2 attribute certificates or with a subjectName for V1 attribute certificates.
Params:
  • entityName – The entity or subject name.
  • version – The version of the attribute certificate.
/** * Constructs a holder with an entityName for V2 attribute certificates or * with a subjectName for V1 attribute certificates. * * @param entityName The entity or subject name. * @param version The version of the attribute certificate. */
public Holder(GeneralNames entityName, int version) { this.entityName = entityName; this.version = version; }
Constructs a holder from an object digest info.
Params:
  • objectDigestInfo – The object digest info object.
/** * Constructs a holder from an object digest info. * * @param objectDigestInfo The object digest info object. */
public Holder(ObjectDigestInfo objectDigestInfo) { this.objectDigestInfo = objectDigestInfo; } public IssuerSerial getBaseCertificateID() { return baseCertificateID; }
Returns the entityName for an V2 attribute certificate or the subjectName for an V1 attribute certificate.
Returns:The entityname or subjectname.
/** * Returns the entityName for an V2 attribute certificate or the subjectName * for an V1 attribute certificate. * * @return The entityname or subjectname. */
public GeneralNames getEntityName() { return entityName; } public ObjectDigestInfo getObjectDigestInfo() { return objectDigestInfo; } public ASN1Primitive toASN1Primitive() { if (version == 1) { ASN1EncodableVector v = new ASN1EncodableVector(); if (baseCertificateID != null) { v.add(new DERTaggedObject(false, 0, baseCertificateID)); } if (entityName != null) { v.add(new DERTaggedObject(false, 1, entityName)); } if (objectDigestInfo != null) { v.add(new DERTaggedObject(false, 2, objectDigestInfo)); } return new DERSequence(v); } else { if (entityName != null) { return new DERTaggedObject(true, 1, entityName); } else { return new DERTaggedObject(true, 0, baseCertificateID); } } } }