001package org.apache.commons.ssl.org.bouncycastle.asn1.x509; 002 003import java.math.BigInteger; 004 005import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1EncodableVector; 006import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer; 007import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object; 008import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive; 009import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence; 010import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject; 011import org.apache.commons.ssl.org.bouncycastle.asn1.DERSequence; 012import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject; 013 014/** 015 * PKIX RFC 5280 016 * <pre> 017 * id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } 018 * 019 * PolicyConstraints ::= SEQUENCE { 020 * requireExplicitPolicy [0] SkipCerts OPTIONAL, 021 * inhibitPolicyMapping [1] SkipCerts OPTIONAL } 022 * 023 * SkipCerts ::= INTEGER (0..MAX) 024 * </pre> 025 */ 026public class PolicyConstraints 027 extends ASN1Object 028{ 029 private BigInteger requireExplicitPolicyMapping; 030 private BigInteger inhibitPolicyMapping; 031 032 public PolicyConstraints(BigInteger requireExplicitPolicyMapping, BigInteger inhibitPolicyMapping) 033 { 034 this.requireExplicitPolicyMapping = requireExplicitPolicyMapping; 035 this.inhibitPolicyMapping = inhibitPolicyMapping; 036 } 037 038 private PolicyConstraints(ASN1Sequence seq) 039 { 040 for (int i = 0; i != seq.size(); i++) 041 { 042 ASN1TaggedObject to = ASN1TaggedObject.getInstance(seq.getObjectAt(i)); 043 044 if (to.getTagNo() == 0) 045 { 046 requireExplicitPolicyMapping = ASN1Integer.getInstance(to, false).getValue(); 047 } 048 else if (to.getTagNo() == 1) 049 { 050 inhibitPolicyMapping = ASN1Integer.getInstance(to, false).getValue(); 051 } 052 else 053 { 054 throw new IllegalArgumentException("Unknown tag encountered."); 055 } 056 } 057 } 058 059 public static PolicyConstraints getInstance( 060 Object obj) 061 { 062 if (obj instanceof PolicyConstraints) 063 { 064 return (PolicyConstraints)obj; 065 } 066 067 if (obj != null) 068 { 069 return new PolicyConstraints(ASN1Sequence.getInstance(obj)); 070 } 071 072 return null; 073 } 074 075 public static PolicyConstraints fromExtensions(Extensions extensions) 076 { 077 return PolicyConstraints.getInstance(extensions.getExtensionParsedValue(Extension.policyConstraints)); 078 } 079 080 public BigInteger getRequireExplicitPolicyMapping() 081 { 082 return requireExplicitPolicyMapping; 083 } 084 085 public BigInteger getInhibitPolicyMapping() 086 { 087 return inhibitPolicyMapping; 088 } 089 090 public ASN1Primitive toASN1Primitive() 091 { 092 ASN1EncodableVector v = new ASN1EncodableVector(); 093 094 if (requireExplicitPolicyMapping != null) 095 { 096 v.add(new DERTaggedObject(0, new ASN1Integer(requireExplicitPolicyMapping))); 097 } 098 099 if (inhibitPolicyMapping != null) 100 { 101 v.add(new DERTaggedObject(1, new ASN1Integer(inhibitPolicyMapping))); 102 } 103 104 return new DERSequence(v); 105 } 106}