1 /* 2 * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.x509; 27 28 import java.util.*; 29 import java.io.IOException; 30 31 import java.security.cert.CertificateException; 32 33 import sun.security.util.*; 34 35 /** 36 * This class defines the mapping from OID {@literal &} name to classes and vice 37 * versa. Used by CertificateExtensions {@literal &} PKCS10 to get the java 38 * classes associated with a particular OID/name. 39 * 40 * @author Amit Kapoor 41 * @author Hemma Prafullchandra 42 * @author Andreas Sterbenz 43 * 44 */ 45 public class OIDMap { 46 OIDMap()47 private OIDMap() { 48 // empty 49 } 50 51 // "user-friendly" names 52 private static final String ROOT = X509CertImpl.NAME + "." + 53 X509CertInfo.NAME + "." + 54 X509CertInfo.EXTENSIONS; 55 private static final String AUTH_KEY_IDENTIFIER = ROOT + "." + 56 AuthorityKeyIdentifierExtension.NAME; 57 private static final String SUB_KEY_IDENTIFIER = ROOT + "." + 58 SubjectKeyIdentifierExtension.NAME; 59 private static final String KEY_USAGE = ROOT + "." + 60 KeyUsageExtension.NAME; 61 private static final String PRIVATE_KEY_USAGE = ROOT + "." + 62 PrivateKeyUsageExtension.NAME; 63 private static final String POLICY_MAPPINGS = ROOT + "." + 64 PolicyMappingsExtension.NAME; 65 private static final String SUB_ALT_NAME = ROOT + "." + 66 SubjectAlternativeNameExtension.NAME; 67 private static final String ISSUER_ALT_NAME = ROOT + "." + 68 IssuerAlternativeNameExtension.NAME; 69 private static final String BASIC_CONSTRAINTS = ROOT + "." + 70 BasicConstraintsExtension.NAME; 71 private static final String NAME_CONSTRAINTS = ROOT + "." + 72 NameConstraintsExtension.NAME; 73 private static final String POLICY_CONSTRAINTS = ROOT + "." + 74 PolicyConstraintsExtension.NAME; 75 private static final String CRL_NUMBER = ROOT + "." + 76 CRLNumberExtension.NAME; 77 private static final String CRL_REASON = ROOT + "." + 78 CRLReasonCodeExtension.NAME; 79 private static final String NETSCAPE_CERT = ROOT + "." + 80 NetscapeCertTypeExtension.NAME; 81 private static final String CERT_POLICIES = ROOT + "." + 82 CertificatePoliciesExtension.NAME; 83 private static final String EXT_KEY_USAGE = ROOT + "." + 84 ExtendedKeyUsageExtension.NAME; 85 private static final String INHIBIT_ANY_POLICY = ROOT + "." + 86 InhibitAnyPolicyExtension.NAME; 87 private static final String CRL_DIST_POINTS = ROOT + "." + 88 CRLDistributionPointsExtension.NAME; 89 90 private static final String CERT_ISSUER = ROOT + "." + 91 CertificateIssuerExtension.NAME; 92 private static final String SUBJECT_INFO_ACCESS = ROOT + "." + 93 SubjectInfoAccessExtension.NAME; 94 private static final String AUTH_INFO_ACCESS = ROOT + "." + 95 AuthorityInfoAccessExtension.NAME; 96 private static final String ISSUING_DIST_POINT = ROOT + "." + 97 IssuingDistributionPointExtension.NAME; 98 private static final String DELTA_CRL_INDICATOR = ROOT + "." + 99 DeltaCRLIndicatorExtension.NAME; 100 private static final String FRESHEST_CRL = ROOT + "." + 101 FreshestCRLExtension.NAME; 102 private static final String OCSPNOCHECK = ROOT + "." + 103 OCSPNoCheckExtension.NAME; 104 105 private static final int[] NetscapeCertType_data = 106 { 2, 16, 840, 1, 113730, 1, 1 }; 107 108 /** Map ObjectIdentifier(oid) -> OIDInfo(info) */ 109 private static final Map<ObjectIdentifier,OIDInfo> oidMap; 110 111 /** Map String(friendly name) -> OIDInfo(info) */ 112 private static final Map<String,OIDInfo> nameMap; 113 114 static { 115 oidMap = new HashMap<ObjectIdentifier,OIDInfo>(); 116 nameMap = new HashMap<String,OIDInfo>(); addInternal(SUB_KEY_IDENTIFIER, PKIXExtensions.SubjectKey_Id, R)117 addInternal(SUB_KEY_IDENTIFIER, PKIXExtensions.SubjectKey_Id, 118 "sun.security.x509.SubjectKeyIdentifierExtension"); addInternal(KEY_USAGE, PKIXExtensions.KeyUsage_Id, R)119 addInternal(KEY_USAGE, PKIXExtensions.KeyUsage_Id, 120 "sun.security.x509.KeyUsageExtension"); addInternal(PRIVATE_KEY_USAGE, PKIXExtensions.PrivateKeyUsage_Id, R)121 addInternal(PRIVATE_KEY_USAGE, PKIXExtensions.PrivateKeyUsage_Id, 122 "sun.security.x509.PrivateKeyUsageExtension"); addInternal(SUB_ALT_NAME, PKIXExtensions.SubjectAlternativeName_Id, R)123 addInternal(SUB_ALT_NAME, PKIXExtensions.SubjectAlternativeName_Id, 124 "sun.security.x509.SubjectAlternativeNameExtension"); addInternal(ISSUER_ALT_NAME, PKIXExtensions.IssuerAlternativeName_Id, R)125 addInternal(ISSUER_ALT_NAME, PKIXExtensions.IssuerAlternativeName_Id, 126 "sun.security.x509.IssuerAlternativeNameExtension"); addInternal(BASIC_CONSTRAINTS, PKIXExtensions.BasicConstraints_Id, R)127 addInternal(BASIC_CONSTRAINTS, PKIXExtensions.BasicConstraints_Id, 128 "sun.security.x509.BasicConstraintsExtension"); addInternal(CRL_NUMBER, PKIXExtensions.CRLNumber_Id, R)129 addInternal(CRL_NUMBER, PKIXExtensions.CRLNumber_Id, 130 "sun.security.x509.CRLNumberExtension"); addInternal(CRL_REASON, PKIXExtensions.ReasonCode_Id, R)131 addInternal(CRL_REASON, PKIXExtensions.ReasonCode_Id, 132 "sun.security.x509.CRLReasonCodeExtension"); addInternal(NAME_CONSTRAINTS, PKIXExtensions.NameConstraints_Id, R)133 addInternal(NAME_CONSTRAINTS, PKIXExtensions.NameConstraints_Id, 134 "sun.security.x509.NameConstraintsExtension"); addInternal(POLICY_MAPPINGS, PKIXExtensions.PolicyMappings_Id, R)135 addInternal(POLICY_MAPPINGS, PKIXExtensions.PolicyMappings_Id, 136 "sun.security.x509.PolicyMappingsExtension"); addInternal(AUTH_KEY_IDENTIFIER, PKIXExtensions.AuthorityKey_Id, R)137 addInternal(AUTH_KEY_IDENTIFIER, PKIXExtensions.AuthorityKey_Id, 138 "sun.security.x509.AuthorityKeyIdentifierExtension"); addInternal(POLICY_CONSTRAINTS, PKIXExtensions.PolicyConstraints_Id, R)139 addInternal(POLICY_CONSTRAINTS, PKIXExtensions.PolicyConstraints_Id, 140 "sun.security.x509.PolicyConstraintsExtension"); addInternal(NETSCAPE_CERT, ObjectIdentifier.newInternal (new int[] {2,16,840,1,113730,1,1}), R)141 addInternal(NETSCAPE_CERT, ObjectIdentifier.newInternal 142 (new int[] {2,16,840,1,113730,1,1}), 143 "sun.security.x509.NetscapeCertTypeExtension"); addInternal(CERT_POLICIES, PKIXExtensions.CertificatePolicies_Id, R)144 addInternal(CERT_POLICIES, PKIXExtensions.CertificatePolicies_Id, 145 "sun.security.x509.CertificatePoliciesExtension"); addInternal(EXT_KEY_USAGE, PKIXExtensions.ExtendedKeyUsage_Id, R)146 addInternal(EXT_KEY_USAGE, PKIXExtensions.ExtendedKeyUsage_Id, 147 "sun.security.x509.ExtendedKeyUsageExtension"); addInternal(INHIBIT_ANY_POLICY, PKIXExtensions.InhibitAnyPolicy_Id, R)148 addInternal(INHIBIT_ANY_POLICY, PKIXExtensions.InhibitAnyPolicy_Id, 149 "sun.security.x509.InhibitAnyPolicyExtension"); addInternal(CRL_DIST_POINTS, PKIXExtensions.CRLDistributionPoints_Id, R)150 addInternal(CRL_DIST_POINTS, PKIXExtensions.CRLDistributionPoints_Id, 151 "sun.security.x509.CRLDistributionPointsExtension"); addInternal(CERT_ISSUER, PKIXExtensions.CertificateIssuer_Id, R)152 addInternal(CERT_ISSUER, PKIXExtensions.CertificateIssuer_Id, 153 "sun.security.x509.CertificateIssuerExtension"); addInternal(SUBJECT_INFO_ACCESS, PKIXExtensions.SubjectInfoAccess_Id, R)154 addInternal(SUBJECT_INFO_ACCESS, PKIXExtensions.SubjectInfoAccess_Id, 155 "sun.security.x509.SubjectInfoAccessExtension"); addInternal(AUTH_INFO_ACCESS, PKIXExtensions.AuthInfoAccess_Id, R)156 addInternal(AUTH_INFO_ACCESS, PKIXExtensions.AuthInfoAccess_Id, 157 "sun.security.x509.AuthorityInfoAccessExtension"); addInternal(ISSUING_DIST_POINT, PKIXExtensions.IssuingDistributionPoint_Id, R)158 addInternal(ISSUING_DIST_POINT, 159 PKIXExtensions.IssuingDistributionPoint_Id, 160 "sun.security.x509.IssuingDistributionPointExtension"); addInternal(DELTA_CRL_INDICATOR, PKIXExtensions.DeltaCRLIndicator_Id, R)161 addInternal(DELTA_CRL_INDICATOR, PKIXExtensions.DeltaCRLIndicator_Id, 162 "sun.security.x509.DeltaCRLIndicatorExtension"); addInternal(FRESHEST_CRL, PKIXExtensions.FreshestCRL_Id, R)163 addInternal(FRESHEST_CRL, PKIXExtensions.FreshestCRL_Id, 164 "sun.security.x509.FreshestCRLExtension"); addInternal(OCSPNOCHECK, PKIXExtensions.OCSPNoCheck_Id, R)165 addInternal(OCSPNOCHECK, PKIXExtensions.OCSPNoCheck_Id, 166 "sun.security.x509.OCSPNoCheckExtension"); 167 } 168 169 /** 170 * Add attributes to the table. For internal use in the static 171 * initializer. 172 */ addInternal(String name, ObjectIdentifier oid, String className)173 private static void addInternal(String name, ObjectIdentifier oid, 174 String className) { 175 OIDInfo info = new OIDInfo(name, oid, className); 176 oidMap.put(oid, info); 177 nameMap.put(name, info); 178 } 179 180 /** 181 * Inner class encapsulating the mapping info and Class loading. 182 */ 183 private static class OIDInfo { 184 185 final ObjectIdentifier oid; 186 final String name; 187 final String className; 188 private volatile Class<?> clazz; 189 OIDInfo(String name, ObjectIdentifier oid, String className)190 OIDInfo(String name, ObjectIdentifier oid, String className) { 191 this.name = name; 192 this.oid = oid; 193 this.className = className; 194 } 195 OIDInfo(String name, ObjectIdentifier oid, Class<?> clazz)196 OIDInfo(String name, ObjectIdentifier oid, Class<?> clazz) { 197 this.name = name; 198 this.oid = oid; 199 this.className = clazz.getName(); 200 this.clazz = clazz; 201 } 202 203 /** 204 * Return the Class object associated with this attribute. 205 */ getClazz()206 Class<?> getClazz() throws CertificateException { 207 try { 208 Class<?> c = clazz; 209 if (c == null) { 210 c = Class.forName(className); 211 clazz = c; 212 } 213 return c; 214 } catch (ClassNotFoundException e) { 215 throw new CertificateException("Could not load class: " + e, e); 216 } 217 } 218 } 219 220 /** 221 * Add a name to lookup table. 222 * 223 * @param name the name of the attr 224 * @param oid the string representation of the object identifier for 225 * the class. 226 * @param clazz the Class object associated with this attribute 227 * @exception CertificateException on errors. 228 */ addAttribute(String name, String oid, Class<?> clazz)229 public static void addAttribute(String name, String oid, Class<?> clazz) 230 throws CertificateException { 231 ObjectIdentifier objId; 232 try { 233 objId = new ObjectIdentifier(oid); 234 } catch (IOException ioe) { 235 throw new CertificateException 236 ("Invalid Object identifier: " + oid); 237 } 238 OIDInfo info = new OIDInfo(name, objId, clazz); 239 if (oidMap.put(objId, info) != null) { 240 throw new CertificateException 241 ("Object identifier already exists: " + oid); 242 } 243 if (nameMap.put(name, info) != null) { 244 throw new CertificateException("Name already exists: " + name); 245 } 246 } 247 248 /** 249 * Return user friendly name associated with the OID. 250 * 251 * @param oid the name of the object identifier to be returned. 252 * @return the user friendly name or null if no name 253 * is registered for this oid. 254 */ getName(ObjectIdentifier oid)255 public static String getName(ObjectIdentifier oid) { 256 OIDInfo info = oidMap.get(oid); 257 return (info == null) ? null : info.name; 258 } 259 260 /** 261 * Return Object identifier for user friendly name. 262 * 263 * @param name the user friendly name. 264 * @return the Object Identifier or null if no oid 265 * is registered for this name. 266 */ getOID(String name)267 public static ObjectIdentifier getOID(String name) { 268 OIDInfo info = nameMap.get(name); 269 return (info == null) ? null : info.oid; 270 } 271 272 /** 273 * Return the java class object associated with the user friendly name. 274 * 275 * @param name the user friendly name. 276 * @exception CertificateException if class cannot be instantiated. 277 */ getClass(String name)278 public static Class<?> getClass(String name) throws CertificateException { 279 OIDInfo info = nameMap.get(name); 280 return (info == null) ? null : info.getClazz(); 281 } 282 283 /** 284 * Return the java class object associated with the object identifier. 285 * 286 * @param oid the name of the object identifier to be returned. 287 * @exception CertificateException if class cannot be instatiated. 288 */ getClass(ObjectIdentifier oid)289 public static Class<?> getClass(ObjectIdentifier oid) 290 throws CertificateException { 291 OIDInfo info = oidMap.get(oid); 292 return (info == null) ? null : info.getClazz(); 293 } 294 295 } 296