001package org.apache.commons.ssl.org.bouncycastle.asn1.cmp;
002
003import java.io.IOException;
004
005import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Choice;
006import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object;
007import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive;
008import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence;
009import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject;
010import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
011import org.apache.commons.ssl.org.bouncycastle.asn1.x509.AttributeCertificate;
012import org.apache.commons.ssl.org.bouncycastle.asn1.x509.Certificate;
013
014public class CMPCertificate
015    extends ASN1Object
016    implements ASN1Choice
017{
018    private Certificate x509v3PKCert;
019
020    private int        otherTagValue;
021    private ASN1Object otherCert;
022
023    /**
024     * Note: the addition of attribute certificates is a BC extension. If you use this constructor they
025     * will be added with a tag value of 1.
026     * @deprecated use (type. otherCert) constructor
027     */
028    public CMPCertificate(AttributeCertificate x509v2AttrCert)
029    {
030        this(1, x509v2AttrCert);
031    }
032
033    /**
034     * Note: the addition of other certificates is a BC extension. If you use this constructor they
035     * will be added with an explicit tag value of type.
036     *
037     * @param type the type of the certificate (used as a tag value).
038     * @param otherCert the object representing the certificate
039     */
040    public CMPCertificate(int type, ASN1Object otherCert)
041    {
042        this.otherTagValue = type;
043        this.otherCert = otherCert;
044    }
045
046    public CMPCertificate(Certificate x509v3PKCert)
047    {
048        if (x509v3PKCert.getVersionNumber() != 3)
049        {
050            throw new IllegalArgumentException("only version 3 certificates allowed");
051        }
052
053        this.x509v3PKCert = x509v3PKCert;
054    }
055
056    public static CMPCertificate getInstance(Object o)
057    {
058        if (o == null || o instanceof CMPCertificate)
059        {
060            return (CMPCertificate)o;
061        }
062
063        if (o instanceof byte[])
064        {
065            try
066            {
067                o = ASN1Primitive.fromByteArray((byte[])o);
068            }
069            catch (IOException e)
070            {
071                throw new IllegalArgumentException("Invalid encoding in CMPCertificate");
072            }
073        }
074
075        if (o instanceof ASN1Sequence)
076        {
077            return new CMPCertificate(Certificate.getInstance(o));
078        }
079
080        if (o instanceof ASN1TaggedObject)
081        {
082            ASN1TaggedObject taggedObject = (ASN1TaggedObject)o;
083
084            return new CMPCertificate(taggedObject.getTagNo(), taggedObject.getObject());
085        }
086
087        throw new IllegalArgumentException("Invalid object: " + o.getClass().getName());
088    }
089
090    public boolean isX509v3PKCert()
091    {
092         return x509v3PKCert != null;
093    }
094
095    public Certificate getX509v3PKCert()
096    {
097        return x509v3PKCert;
098    }
099
100    /**
101     * Return an AttributeCertificate interpretation of otherCert.
102     * @deprecated use getOtherCert and getOtherTag to make sure message is really what it should be.
103     *
104     * @return  an AttributeCertificate
105     */
106    public AttributeCertificate getX509v2AttrCert()
107    {
108        return AttributeCertificate.getInstance(otherCert);
109    }
110
111    public int getOtherCertTag()
112    {
113        return otherTagValue;
114    }
115
116    public ASN1Object getOtherCert()
117    {
118        return otherCert;
119    }
120
121    /**
122     * <pre>
123     * CMPCertificate ::= CHOICE {
124     *            x509v3PKCert    Certificate
125     *            otherCert      [tag] EXPLICIT ANY DEFINED BY tag
126     *  }
127     * </pre>
128     * Note: the addition of the explicit tagging is a BC extension. We apologise for the warped syntax, but hopefully you get the idea.
129     *
130     * @return a basic ASN.1 object representation.
131     */
132    public ASN1Primitive toASN1Primitive()
133    {
134        if (otherCert != null)
135        {        // explicit following CMP conventions
136            return new DERTaggedObject(true, otherTagValue, otherCert);
137        }
138
139        return x509v3PKCert.toASN1Primitive();
140    }
141}