KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > ejbca > util > cert > QCStatementExtension


1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13
14 package org.ejbca.util.cert;
15
16 import java.io.IOException JavaDoc;
17 import java.math.BigInteger JavaDoc;
18 import java.security.cert.X509Certificate JavaDoc;
19 import java.util.ArrayList JavaDoc;
20 import java.util.Collection JavaDoc;
21
22 import org.apache.log4j.Logger;
23 import org.bouncycastle.asn1.ASN1Encodable;
24 import org.bouncycastle.asn1.ASN1Sequence;
25 import org.bouncycastle.asn1.DERObject;
26 import org.bouncycastle.asn1.DERObjectIdentifier;
27 import org.bouncycastle.asn1.x509.GeneralName;
28 import org.bouncycastle.asn1.x509.qualified.ETSIQCObjectIdentifiers;
29 import org.bouncycastle.asn1.x509.qualified.MonetaryValue;
30 import org.bouncycastle.asn1.x509.qualified.QCStatement;
31 import org.bouncycastle.asn1.x509.qualified.RFC3739QCObjectIdentifiers;
32 import org.bouncycastle.asn1.x509.qualified.SemanticsInformation;
33 import org.ejbca.util.CertTools;
34
35 /**
36  * A class for reading values from QC-statement extension.
37  *
38  * @author Tomas Gustavsson
39  * @version $Id: QCStatementExtension.java,v 1.2 2006/07/28 07:14:16 anatom Exp $
40  */

41 public class QCStatementExtension extends CertTools {
42
43     private static Logger log = Logger.getLogger(SubjectDirAttrExtension.class);
44
45     /**
46      * inhibits creation of new SubjectDirAttrExtension
47      */

48     private QCStatementExtension() {
49     }
50     
51     /** Returns true if the certificate contains a QC-statements extension.
52      *
53      * @param cert Certificate containing the extension
54      * @return true or false.
55      * @throws IOException if there is a problem parsing the certificate
56      */

57     public static boolean hasQcStatement(X509Certificate JavaDoc cert) throws IOException JavaDoc {
58         DERObject obj = getExtensionValue(cert, QCSTATEMENTS_OBJECTID);
59         if (obj == null) {
60             return false;
61         }
62         return true;
63     }
64     /** Returns all the 'statementId' defined in the QCStatement extension (rfc3739).
65      *
66      * @param cert Certificate containing the extension
67      * @return Collection of String with the oid, for example "1.1.1.2", or empty Collection if no identifier is found, never returns null.
68      * @throws IOException if there is a problem parsing the certificate
69      */

70     public static Collection JavaDoc getQcStatementIds(X509Certificate JavaDoc cert) throws IOException JavaDoc {
71         ArrayList JavaDoc ret = new ArrayList JavaDoc();
72         DERObject obj = getExtensionValue(cert, QCSTATEMENTS_OBJECTID);
73         if (obj == null) {
74             return ret;
75         }
76         ASN1Sequence seq = (ASN1Sequence)obj;
77         for (int i = 0; i < seq.size(); i++) {
78             QCStatement qc = QCStatement.getInstance(seq.getObjectAt(i));
79             DERObjectIdentifier oid = qc.getStatementId();
80             if (oid != null) {
81                 ret.add(oid.getId());
82             }
83         }
84         return ret;
85     }
86     /** Returns the value limit ETSI QCStatement if present.
87      *
88      * @param cert X509Certificate possibly containing the QCStatement extension
89      * @return String with the value and currency (ex '50000 SEK')or null if the extension is not present
90      * @throws IOException if there is a problem parsing the certificate
91      */

92     public static String JavaDoc getQcStatementValueLimit(X509Certificate JavaDoc cert) throws IOException JavaDoc {
93         String JavaDoc ret = null;
94         DERObject obj = getExtensionValue(cert, QCSTATEMENTS_OBJECTID);
95         if (obj == null) {
96             return null;
97         }
98         ASN1Sequence seq = (ASN1Sequence)obj;
99         MonetaryValue mv = null;
100         // Look through all the QCStatements and see if we have a stadard ETSI LimitValue
101
for (int i = 0; i < seq.size(); i++) {
102             QCStatement qc = QCStatement.getInstance(seq.getObjectAt(i));
103             DERObjectIdentifier oid = qc.getStatementId();
104             if (oid != null) {
105                 if (oid.equals(ETSIQCObjectIdentifiers.id_etsi_qcs_LimiteValue)) {
106                     // We MAY have a MonetaryValue object here
107
ASN1Encodable enc = qc.getStatementInfo();
108                     if (enc != null) {
109                         mv = MonetaryValue.getInstance(enc);
110                         // We can break the loop now, we got it!
111
break;
112                     }
113                 }
114             }
115         }
116         if (mv != null) {
117             BigInteger JavaDoc amount = mv.getAmount();
118             BigInteger JavaDoc exp = mv.getExponent();
119             BigInteger JavaDoc ten = BigInteger.valueOf(10);
120             // A possibly gotcha here if the monetary value is larger than what fits in a long...
121
long value = amount.longValue() * (ten.pow(exp.intValue())).longValue();
122             if (value < 0) {
123                 log.error("ETSI LimitValue amount is < 0.");
124             }
125             String JavaDoc curr = mv.getCurrency().getAlphabetic();
126             if (curr == null) {
127                 log.error("ETSI LimitValue currency is null");
128             }
129             if ( (value >= 0) && (curr != null) ) {
130                 ret = value + " "+curr;
131             }
132         }
133         return ret;
134         
135     }
136     /** Returns the 'NameRegistrationAuthorities' defined in the QCStatement extension (rfc3739).
137      *
138      * @param cert Certificate containing the extension
139      * @return String with for example 'rfc822Name=foo2bar.se, rfc822Name=bar2foo.se' etc. Supports email, dns and uri name, or null of no RAs are found.
140      * @throws IOException if there is a problem parsing the certificate
141      */

142     public static String JavaDoc getQcStatementAuthorities(X509Certificate JavaDoc cert) throws IOException JavaDoc {
143         String JavaDoc ret = null;
144         DERObject obj = getExtensionValue(cert, QCSTATEMENTS_OBJECTID);
145         if (obj == null) {
146             return null;
147         }
148         ASN1Sequence seq = (ASN1Sequence)obj;
149         SemanticsInformation si = null;
150         // Look through all the QCStatements na dsee if we have a stadard RFC3739 pkixQCSyntax
151
for (int i = 0; i < seq.size(); i++) {
152             QCStatement qc = QCStatement.getInstance(seq.getObjectAt(i));
153             DERObjectIdentifier oid = qc.getStatementId();
154             if (oid != null) {
155                 if (oid.equals(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1) || oid.equals(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v2)) {
156                     // We MAY have a SemanticsInformation object here
157
ASN1Encodable enc = qc.getStatementInfo();
158                     if (enc != null) {
159                         si = SemanticsInformation.getInstance(enc);
160                         // We can break the loop now, we got it!
161
break;
162                     }
163                 }
164             }
165         }
166         if (si != null) {
167             GeneralName[] gns = si.getNameRegistrationAuthorities();
168             if (gns == null) {
169                 return null;
170             }
171             StringBuffer JavaDoc strBuf = new StringBuffer JavaDoc();
172             for (int i = 0; i < gns.length; i++) {
173                 GeneralName gn = gns[i];
174                 if (strBuf.length() != 0) {
175                     // Append comma so we get nice formatting if there are more than one authority
176
strBuf.append(", ");
177                 }
178                 String JavaDoc str = getGeneralNameString(gn.getTagNo(), gn.getName());
179                 if (str != null) {
180                     strBuf.append(str);
181                 }
182             }
183             if (strBuf.length() > 0) {
184                 ret = strBuf.toString();
185             }
186         }
187         return ret;
188     }
189
190 }
191
Popular Tags