gomp-20050608-branch/libjava/classpath/gnu/java/security/x509/X509CRLEntry.java

   1 /* X509CRLEntry.java -- an entry in a X.509 CRL.
   2    Copyright (C) 2003, 2004  Free Software Foundation, Inc.
   3
   4 This file is part of GNU Classpath.
   5
   6 GNU Classpath is free software; you can redistribute it and/or modify
   7 it under the terms of the GNU General Public License as published by
   8 the Free Software Foundation; either version 2, or (at your option)
   9 any later version.
  10
  11 GNU Classpath is distributed in the hope that it will be useful, but
  12 WITHOUT ANY WARRANTY; without even the implied warranty of
  13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14 General Public License for more details.
  15
  16 You should have received a copy of the GNU General Public License
  17 along with GNU Classpath; see the file COPYING.  If not, write to the
  18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19 02110-1301 USA.
  20
  21 Linking this library statically or dynamically with other modules is
  22 making a combined work based on this library.  Thus, the terms and
  23 conditions of the GNU General Public License cover the whole
  24 combination.
  25
  26 As a special exception, the copyright holders of this library give you
  27 permission to link this library with independent modules to produce an
  28 executable, regardless of the license terms of these independent
  29 modules, and to copy and distribute the resulting executable under
  30 terms of your choice, provided that you also meet, for each linked
  31 independent module, the terms and conditions of the license of that
  32 module.  An independent module is a module which is not derived from
  33 or based on this library.  If you modify this library, you may extend
  34 this exception to your version of the library, but you are not
  35 obligated to do so.  If you do not wish to do so, delete this
  36 exception statement from your version. */
  37
  38
  39 package gnu.java.security.x509;
  40
  41 import gnu.java.security.OID;
  42 import gnu.java.security.der.DERReader;
  43 import gnu.java.security.der.DERValue;
  44 import gnu.java.security.x509.ext.Extension;
  45
  46 import java.io.IOException;
  47 import java.math.BigInteger;
  48 import java.security.cert.CRLException;
  49 import java.util.Collection;
  50 import java.util.Collections;
  51 import java.util.Date;
  52 import java.util.HashMap;
  53 import java.util.HashSet;
  54 import java.util.Iterator;
  55 import java.util.Set;
  56
  57 /**
  58  * A single entry in a X.509 certificate revocation list.
  59  *
  60  * @see X509CRL
  61  * @author Casey Marshall
  62  */
  63 class X509CRLEntry extends java.security.cert.X509CRLEntry
  64   implements GnuPKIExtension
  65 {
  66
  67   // Constants and fields.
  68   // ------------------------------------------------------------------------
  69
  70   private static final boolean DEBUG = false;
  71   private static void debug(String msg)
  72   {
  73     if (DEBUG)
  74       {
  75         System.err.print(">> X509CRLEntry: ");
  76         System.err.println(msg);
  77       }
  78   }
  79
  80   /** The DER encoded form of this CRL entry. */
  81   private byte[] encoded;
  82
  83   /** The revoked certificate's serial number. */
  84   private BigInteger serialNo;
  85
  86   /** The date the certificate was revoked. */
  87   private Date revocationDate;
  88
  89   /** The CRL entry extensions. */
  90   private HashMap extensions;
  91
  92   // Constructor.
  93   // ------------------------------------------------------------------------
  94
  95   /**
  96    * Create a new X.509 certificate revocation list entry from the given
  97    * input stream and CRL version number.
  98    *
  99    * @param version The CRL version.
 100    * @param encoded The stream of DER bytes.
 101    * @throws CRLException If the ASN.1 structure is invalid.
 102    * @throws IOException  If the bytes cannot be read.
 103    */
 104   X509CRLEntry(int version, DERReader encoded)
 105     throws CRLException, IOException
 106   {
 107     super();
 108     extensions = new HashMap();
 109     try
 110       {
 111         parse(version, encoded);
 112       }
 113     catch (IOException ioe)
 114       {
 115         throw ioe;
 116       }
 117     catch (Exception x)
 118       {
 119         throw new CRLException(x.toString());
 120       }
 121   }
 122
 123   // X509CRLEntry methods.
 124   // ------------------------------------------------------------------------
 125
 126   public boolean equals(Object o)
 127   {
 128     if (!(o instanceof X509CRLEntry))
 129       return false;
 130     return ((X509CRLEntry) o).getSerialNumber().equals(serialNo) &&
 131            ((X509CRLEntry) o).getRevocationDate().equals(revocationDate);
 132   }
 133
 134   public int hashCode()
 135   {
 136     return serialNo.hashCode();
 137   }
 138
 139   public byte[] getEncoded() throws CRLException
 140   {
 141     return (byte[]) encoded.clone();
 142   }
 143
 144   public BigInteger getSerialNumber()
 145   {
 146     return serialNo;
 147   }
 148
 149   public Date getRevocationDate()
 150   {
 151     return (Date) revocationDate.clone();
 152   }
 153
 154   public boolean hasExtensions()
 155   {
 156     return ! extensions.isEmpty();
 157   }
 158
 159   public String toString()
 160   {
 161     return "X509CRLEntry serial=" + serialNo + " revocation date="
 162       + revocationDate + " ext=" + extensions;
 163   }
 164
 165   // X509Extension methods.
 166   // -------------------------------------------------------------------------
 167
 168   public boolean hasUnsupportedCriticalExtension()
 169   {
 170     for (Iterator it = extensions.values().iterator(); it.hasNext(); )
 171       {
 172         Extension e = (Extension) it.next();
 173         if (e.isCritical() && !e.isSupported())
 174           return true;
 175       }
 176     return false;
 177   }
 178
 179   public Set getCriticalExtensionOIDs()
 180   {
 181     HashSet s = new HashSet();
 182     for (Iterator it = extensions.values().iterator(); it.hasNext(); )
 183       {
 184         Extension e = (Extension) it.next();
 185         if (e.isCritical())
 186           s.add(e.getOid().toString());
 187       }
 188     return Collections.unmodifiableSet(s);
 189   }
 190
 191   public Set getNonCriticalExtensionOIDs()
 192   {
 193     HashSet s = new HashSet();
 194     for (Iterator it = extensions.values().iterator(); it.hasNext(); )
 195       {
 196         Extension e = (Extension) it.next();
 197         if (!e.isCritical())
 198           s.add(e.getOid().toString());
 199       }
 200     return Collections.unmodifiableSet(s);
 201   }
 202
 203   public byte[] getExtensionValue(String oid)
 204   {
 205     Extension e = getExtension(new OID(oid));
 206     if (e != null)
 207       {
 208         return e.getValue().getEncoded();
 209       }
 210     return null;
 211   }
 212
 213   // GnuPKIExtension method.
 214   // -------------------------------------------------------------------------
 215
 216   public Extension getExtension(OID oid)
 217   {
 218     return (Extension) extensions.get(oid);
 219   }
 220
 221   public Collection getExtensions()
 222   {
 223     return extensions.values();
 224   }
 225
 226   // Own methods.
 227   // -------------------------------------------------------------------------
 228
 229   private void parse(int version, DERReader der) throws Exception
 230   {
 231     // RevokedCertificate ::= SEQUENCE {
 232     DERValue entry = der.read();
 233     debug("start CRL entry   len == " + entry.getLength());
 234     if (!entry.isConstructed())
 235       throw new IOException("malformed revokedCertificate");
 236     encoded = entry.getEncoded();
 237     int len = 0;
 238
 239     debug("encoded entry:\n" + Util.hexDump(encoded, ">>>> "));
 240
 241     //   userCertificate   CertificateSerialNumber,
 242     DERValue val = der.read();
 243     serialNo = (BigInteger) val.getValue();
 244     len += val.getEncodedLength();
 245     debug("userCertificate == " + serialNo + "  current count == " + len);
 246
 247     //   revocationDate   Time,
 248     val = der.read();
 249     revocationDate = (Date) val.getValue();
 250     len += val.getEncodedLength();
 251     debug("revocationDate == " + revocationDate + "  current count == " + len);
 252
 253     //   crlEntryExtensions   Extensions OPTIONAL
 254     //                          -- if present MUST be v2
 255     if (len < entry.getLength())
 256       {
 257         if (version < 2)
 258           throw new IOException("extra data in CRL entry");
 259         DERValue exts = der.read();
 260         if (!exts.isConstructed())
 261           throw new IOException("malformed Extensions");
 262         debug("start Extensions  len == " + exts.getLength());
 263         len = 0;
 264         while (len < exts.getLength())
 265           {
 266             val = der.read();
 267             if (!val.isConstructed())
 268               throw new IOException("malformed Extension");
 269             debug("start Extension  len == " + val.getLength());
 270             Extension e = new Extension(val.getEncoded());
 271             extensions.put(e.getOid(), e);
 272             der.skip(val.getLength());
 273             len += val.getEncodedLength();
 274             debug("current count == " + len);
 275           }
 276       }
 277   }
 278 }