/*
* Portions of this file Copyright 1999-2005 University of Chicago
* Portions of this file Copyright 1999-2005 The University of Southern California.
*
* This file or a portion of this file is licensed under the
* terms of the Globus Toolkit Public License, found at
* http://www.globus.org/toolkit/download/license.html.
* If you redistribute this file, with or without
* modifications, you must include this notice in the file.
*/
package org.cagrid.security.ssl.proxy.trust;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
/**
* Represents the policy part of the ProxyCertInfo extension. <BR>
*
* <PRE>
* ProxyPolicy ::= SEQUENCE {
* policyLanguage OBJECT IDENTIFIER,
* policy OCTET STRING OPTIONAL }
* </PRE>
*/
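public class ProxyPolicy implements DEREncodable {

    /** Impersonation proxy OID */
    public static final DERObjectIdentifier IMPERSONATION = new DERObjectIdentifier(
            "1.3.6.1.5.5.7.21.1");

    /** Independent proxy OID */
    public static final DERObjectIdentifier INDEPENDENT = new DERObjectIdentifier(
            "1.3.6.1.5.5.7.21.2");

    /** Limited proxy OID */
    public static final DERObjectIdentifier LIMITED = new DERObjectIdentifier(
            "1.3.6.1.4.1.3536.1.1.1.9");

    // Both fields are assigned exactly once per constructor; final keeps a
    // parsed policy from being swapped after checkConstraints() has run.
    private final DERObjectIdentifier policyLanguage;

    // Null when the optional policy element is absent.
    private final DEROctetString policy;

    /**
     * Creates a new instance of the ProxyPolicy object from given ASN1Sequence
     * object.
     *
     * <p>The sequence normally comes from a certificate extension supplied by
     * a remote peer, so every element is type-checked before it is cast. A
     * malformed sequence is reported as an IllegalArgumentException, the same
     * exception already used for an empty sequence, instead of escaping as a
     * ClassCastException or NullPointerException.
     *
     * @param seq
     *            ASN1Sequence object to create the instance from.
     * @throws IllegalArgumentException
     *             if the sequence is null or empty, if an element has an
     *             unexpected ASN.1 type, or if the language/policy
     *             combination is rejected by {@link #checkConstraints()}.
     */
    public ProxyPolicy(ASN1Sequence seq) {
        if (seq == null || seq.size() < 1) {
            throw new IllegalArgumentException("Invalid sequence");
        }
        DEREncodable language = seq.getObjectAt(0);
        if (!(language instanceof DERObjectIdentifier)) {
            throw new IllegalArgumentException(
                    "Invalid sequence: policyLanguage is not an OBJECT IDENTIFIER");
        }
        this.policyLanguage = (DERObjectIdentifier) language;

        DEROctetString parsedPolicy = null;
        if (seq.size() > 1) {
            DEREncodable obj = seq.getObjectAt(1);
            // The ASN.1 definition does not tag the policy field; a tagged
            // wrapper is still unwrapped here, as the original code did.
            if (obj instanceof DERTaggedObject) {
                obj = ((DERTaggedObject) obj).getObject();
            }
            // A null element is still treated as "no policy" (unchanged
            // behaviour); any other non-OCTET STRING value is rejected.
            if (obj != null && !(obj instanceof DEROctetString)) {
                throw new IllegalArgumentException(
                        "Invalid sequence: policy is not an OCTET STRING");
            }
            parsedPolicy = (DEROctetString) obj;
        }
        // NOTE(review): elements beyond index 1 are silently ignored. The
        // ProxyPolicy definition has at most two fields, so a stricter parser
        // would reject seq.size() > 2; left as-is for compatibility.
        this.policy = parsedPolicy;
        checkConstraints();
    }

    /**
     * Returns the DER-encoded ASN.1 representation of proxy policy.
     *
     * @return <code>DERObject</code> the encoded representation of the proxy
     *         policy: the policy language OID, followed by the policy octet
     *         string when one is present.
     */
    public DERObject getDERObject() {
        ASN1EncodableVector vec = new ASN1EncodableVector();
        vec.add(this.policyLanguage);
        if (this.policy != null) {
            vec.add(this.policy);
        }
        return new DERSequence(vec);
    }

    /**
     * Creates a new instance of the ProxyPolicy object.
     *
     * @param policyLanguage
     *            the language policy Oid. Must not be null.
     * @param policy
     *            the policy. May be null for "no policy".
     * @throws IllegalArgumentException
     *             if the language Oid is null or the combination is rejected
     *             by {@link #checkConstraints()}.
     */
    public ProxyPolicy(DERObjectIdentifier policyLanguage, byte[] policy) {
        if (policyLanguage == null) {
            throw new IllegalArgumentException("Policy langauge oid required");
        }
        this.policyLanguage = policyLanguage;
        this.policy = (policy != null) ? new DEROctetString(policy) : null;
        checkConstraints();
    }

    /**
     * Creates a new instance of the ProxyPolicy object.
     *
     * @param policyLanguageOid
     *            the language policy Oid in dotted-decimal form. Must not be
     *            null.
     * @param policy
     *            the policy. May be null for "no policy".
     * @throws IllegalArgumentException
     *             if the language Oid is null or the combination is rejected
     *             by {@link #checkConstraints()}.
     */
    public ProxyPolicy(String policyLanguageOid, byte[] policy) {
        if (policyLanguageOid == null) {
            throw new IllegalArgumentException("Policy langauge oid required");
        }
        this.policyLanguage = new DERObjectIdentifier(policyLanguageOid);
        this.policy = (policy != null) ? new DEROctetString(policy) : null;
        checkConstraints();
    }

    /**
     * Creates a new instance of the ProxyPolicy object.
     *
     * <p>NOTE(review): the string is converted with the platform default
     * charset, so a non-ASCII policy encodes to different bytes on different
     * hosts. Callers that need a deterministic encoding should pass bytes to
     * the byte[] constructor instead.
     *
     * @param policyLanguage
     *            the language policy Oid.
     * @param policy
     *            the policy. May be null for "no policy".
     */
    public ProxyPolicy(DERObjectIdentifier policyLanguage, String policy) {
        this(policyLanguage, (policy != null) ? policy.getBytes() : null);
    }

    /**
     * Creates a new instance of the ProxyPolicy object with no policy.
     *
     * @param policyLanguage
     *            the language policy Oid.
     */
    public ProxyPolicy(DERObjectIdentifier policyLanguage) {
        this(policyLanguage, (byte[]) null);
    }

    /**
     * Verifies that the policy language and the policy body are a legal
     * combination: the IMPERSONATION and INDEPENDENT languages must not carry
     * a policy body. Other languages, including LIMITED, are not checked
     * here.
     *
     * <p>This method is invoked from every constructor. An overriding
     * subclass therefore runs before its own fields are initialised.
     *
     * @throws IllegalArgumentException
     *             if a policy body is present for IMPERSONATION or
     *             INDEPENDENT.
     */
    protected void checkConstraints() {
        boolean bodyForbidden = this.policyLanguage.equals(IMPERSONATION)
                || this.policyLanguage.equals(INDEPENDENT);
        if (bodyForbidden && this.policy != null) {
            throw new IllegalArgumentException("Constrains violation.");
        }
    }

    /**
     * Returns the actual policy embedded in the ProxyPolicy object.
     *
     * <p>The bytes are returned uninterpreted; nothing in this class
     * evaluates or enforces the policy content.
     *
     * @return the policy in bytes. Might be null.
     */
    public byte[] getPolicy() {
        return (this.policy != null) ? this.policy.getOctets() : null;
    }

    /**
     * Returns the actual policy embedded in the ProxyPolicy object.
     *
     * <p>NOTE(review): the bytes are decoded with the platform default
     * charset. For a policy parsed from a peer's certificate the result is
     * attacker-influenced text and may differ between hosts; prefer
     * {@link #getPolicy()} for any authorization decision.
     *
     * @return the policy as String. Might be null.
     */
    public String getPolicyAsString() {
        return (this.policy != null) ? new String(this.policy.getOctets())
                : null;
    }

    /**
     * Returns the policy language of the ProxyPolicy.
     *
     * @return the policy language Oid.
     */
    public DERObjectIdentifier getPolicyLanguage() {
        return this.policyLanguage;
    }

    /**
     * Returns a human-readable form: the policy language Oid and, when a
     * policy body is present, the body as text on the following line. The
     * body is not escaped, so treat the result as untrusted when logging a
     * policy that came from a remote certificate.
     */
    @Override
    public String toString() {
        // StringBuilder: the buffer never leaves this method, so the
        // synchronisation of StringBuffer buys nothing.
        StringBuilder buf = new StringBuilder();
        buf.append("ProxyPolicy: ");
        buf.append(this.policyLanguage.getId());
        if (this.policy != null) {
            buf.append(System.getProperty("line.separator"));
            buf.append(getPolicyAsString());
        }
        return buf.toString();
    }
}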