1 package org.bouncycastle.asn1.x509;
2 
3 import org.bouncycastle.asn1.ASN1EncodableVector;
4 import org.bouncycastle.asn1.ASN1Object;
5 import org.bouncycastle.asn1.ASN1Primitive;
6 import org.bouncycastle.asn1.ASN1Sequence;
7 import org.bouncycastle.asn1.ASN1TaggedObject;
8 import org.bouncycastle.asn1.DERSequence;
9 import org.bouncycastle.asn1.DERTaggedObject;
10 
11 /**
12  * The Holder object.
13  * <p>
14  * For an v2 attribute certificate this is:
15  *
16  * <pre>
17  *            Holder ::= SEQUENCE {
18  *                  baseCertificateID   [0] IssuerSerial OPTIONAL,
19  *                           -- the issuer and serial number of
20  *                           -- the holder's Public Key Certificate
21  *                  entityName          [1] GeneralNames OPTIONAL,
22  *                           -- the name of the claimant or role
23  *                  objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
24  *                           -- used to directly authenticate the holder,
25  *                           -- for example, an executable
26  *            }
27  * </pre>
28  *
29  * <p>
30  * For an v1 attribute certificate this is:
31  *
32  * <pre>
33  *         subject CHOICE {
34  *          baseCertificateID [0] EXPLICIT IssuerSerial,
35  *          -- associated with a Public Key Certificate
36  *          subjectName [1] EXPLICIT GeneralNames },
37  *          -- associated with a name
38  * </pre>
39  */
40 public class Holder
41     extends ASN1Object
42 {
43     public static final int V1_CERTIFICATE_HOLDER = 0;
44     public static final int V2_CERTIFICATE_HOLDER = 1;
45 
46     IssuerSerial baseCertificateID;
47 
48     GeneralNames entityName;
49 
50     ObjectDigestInfo objectDigestInfo;
51 
52     private int version = V2_CERTIFICATE_HOLDER;
53 
getInstance(Object obj)54     public static Holder getInstance(Object obj)
55     {
56         if (obj instanceof Holder)
57         {
58             return (Holder)obj;
59         }
60         else if (obj instanceof ASN1TaggedObject)
61         {
62             return new Holder(ASN1TaggedObject.getInstance(obj));
63         }
64         else if (obj != null)
65         {
66             return new Holder(ASN1Sequence.getInstance(obj));
67         }
68 
69         return null;
70     }
71 
72     /**
73      * Constructor for a holder for an V1 attribute certificate.
74      *
75      * @param tagObj The ASN.1 tagged holder object.
76      */
Holder(ASN1TaggedObject tagObj)77     private Holder(ASN1TaggedObject tagObj)
78     {
79         switch (tagObj.getTagNo())
80         {
81         case 0:
82             baseCertificateID = IssuerSerial.getInstance(tagObj, true);
83             break;
84         case 1:
85             entityName = GeneralNames.getInstance(tagObj, true);
86             break;
87         default:
88             throw new IllegalArgumentException("unknown tag in Holder");
89         }
90         version = V1_CERTIFICATE_HOLDER;
91     }
92 
93     /**
94      * Constructor for a holder for an V2 attribute certificate.
95      *
96      * @param seq The ASN.1 sequence.
97      */
Holder(ASN1Sequence seq)98     private Holder(ASN1Sequence seq)
99     {
100         if (seq.size() > 3)
101         {
102             throw new IllegalArgumentException("Bad sequence size: "
103                 + seq.size());
104         }
105 
106         for (int i = 0; i != seq.size(); i++)
107         {
108             ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(seq
109                 .getObjectAt(i));
110 
111             switch (tObj.getTagNo())
112             {
113             case 0:
114                 baseCertificateID = IssuerSerial.getInstance(tObj, false);
115                 break;
116             case 1:
117                 entityName = GeneralNames.getInstance(tObj, false);
118                 break;
119             case 2:
120                 objectDigestInfo = ObjectDigestInfo.getInstance(tObj, false);
121                 break;
122             default:
123                 throw new IllegalArgumentException("unknown tag in Holder");
124             }
125         }
126         version = V2_CERTIFICATE_HOLDER;
127     }
128 
Holder(IssuerSerial baseCertificateID)129     public Holder(IssuerSerial baseCertificateID)
130     {
131         this(baseCertificateID, V2_CERTIFICATE_HOLDER);
132     }
133 
134     /**
135      * Constructs a holder from a IssuerSerial for a V1 or V2 certificate.
136      * .
137      * @param baseCertificateID The IssuerSerial.
138      * @param version The version of the attribute certificate.
139      */
Holder(IssuerSerial baseCertificateID, int version)140     public Holder(IssuerSerial baseCertificateID, int version)
141     {
142         this.baseCertificateID = baseCertificateID;
143         this.version = version;
144     }
145 
146     /**
147      * Returns 1 for V2 attribute certificates or 0 for V1 attribute
148      * certificates.
149      * @return The version of the attribute certificate.
150      */
getVersion()151     public int getVersion()
152     {
153         return version;
154     }
155 
156     /**
157      * Constructs a holder with an entityName for V2 attribute certificates.
158      *
159      * @param entityName The entity or subject name.
160      */
Holder(GeneralNames entityName)161     public Holder(GeneralNames entityName)
162     {
163         this(entityName, V2_CERTIFICATE_HOLDER);
164     }
165 
166     /**
167      * Constructs a holder with an entityName for V2 attribute certificates or
168      * with a subjectName for V1 attribute certificates.
169      *
170      * @param entityName The entity or subject name.
171      * @param version The version of the attribute certificate.
172      */
Holder(GeneralNames entityName, int version)173     public Holder(GeneralNames entityName, int version)
174     {
175         this.entityName = entityName;
176         this.version = version;
177     }
178 
179     /**
180      * Constructs a holder from an object digest info.
181      *
182      * @param objectDigestInfo The object digest info object.
183      */
Holder(ObjectDigestInfo objectDigestInfo)184     public Holder(ObjectDigestInfo objectDigestInfo)
185     {
186         this.objectDigestInfo = objectDigestInfo;
187     }
188 
getBaseCertificateID()189     public IssuerSerial getBaseCertificateID()
190     {
191         return baseCertificateID;
192     }
193 
194     /**
195      * Returns the entityName for an V2 attribute certificate or the subjectName
196      * for an V1 attribute certificate.
197      *
198      * @return The entityname or subjectname.
199      */
getEntityName()200     public GeneralNames getEntityName()
201     {
202         return entityName;
203     }
204 
getObjectDigestInfo()205     public ObjectDigestInfo getObjectDigestInfo()
206     {
207         return objectDigestInfo;
208     }
209 
toASN1Primitive()210     public ASN1Primitive toASN1Primitive()
211     {
212         if (version == V2_CERTIFICATE_HOLDER)
213         {
214             ASN1EncodableVector v = new ASN1EncodableVector(3);
215 
216             if (baseCertificateID != null)
217             {
218                 v.add(new DERTaggedObject(false, 0, baseCertificateID));
219             }
220 
221             if (entityName != null)
222             {
223                 v.add(new DERTaggedObject(false, 1, entityName));
224             }
225 
226             if (objectDigestInfo != null)
227             {
228                 v.add(new DERTaggedObject(false, 2, objectDigestInfo));
229             }
230 
231             return new DERSequence(v);
232         }
233         else
234         {
235             if (entityName != null)
236             {
237                 return new DERTaggedObject(true, 1, entityName);
238             }
239             else
240             {
241                 return new DERTaggedObject(true, 0, baseCertificateID);
242             }
243         }
244     }
245 }
246