/*
* Copyright (c) 2011-2012 ICM Uniwersytet Warszawski All rights reserved.
* See LICENCE file for licensing information.
*/
package eu.emi.security.authn.x509.helpers.proxy;
import java.io.IOException;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.x509.AttributeCertificate;
import eu.emi.security.authn.x509.helpers.CertificateHelpers;
/**
* A class for handling the VOMS AC extension in certificates (OID: 1.3.6.1.4.1.8005.100.100.5)
*
* @author K. Benedyczak
*/
public class ProxyACExtension extends ASN1Object
{
/** The OID for the AC assertion. */
public static final String AC_OID = "1.3.6.1.4.1.8005.100.100.5";
/** The ASN.1 encoded contents of the extension. */
private DLSequence ac = null;
/**
* Generates a new ProxyACExtension object form the byte array
*
* @param bytes bytes
* @throws IOException IO exception
*/
public ProxyACExtension(byte[] bytes) throws IOException
{
ac = (DLSequence) ASN1Primitive.fromByteArray(bytes);
}
/**
* Used to generate an instance from the AttributeCertificate object.
*
* @param certificates the AC
*/
public ProxyACExtension(AttributeCertificate[] certificates)
{
DLSequence seqac = new DLSequence(certificates);
DLSequence seqWrapper = new DLSequence(seqac);
this.ac = seqWrapper;
}
/**
* Returns the AC extension form the certificate.
*
* @param cert certificate
* @return The AC extension object. In no extension was
* found, null is returned.
* @throws IOException
* In case there is a problem parsing the certificate.
*/
public static ProxyACExtension getInstance(X509Certificate cert) throws IOException
{
byte bytes[] = CertificateHelpers.getExtensionBytes(cert, ProxyACExtension.AC_OID);
if (bytes == null || bytes.length == 0)
return null;
return new ProxyACExtension(bytes);
}
/**
* Used to get the AC extension object.
*
* @return The AC object
*/
public AttributeCertificate[] getAttributeCertificates()
{
DLSequence seqac = (DLSequence) ac.getObjectAt(0);
AttributeCertificate[] ret = new AttributeCertificate[seqac.size()];
for (int i=0; i<ret.length; i++)
ret[i] = AttributeCertificate.getInstance(seqac.getObjectAt(i));
return ret;
}
/**
* {@inheritDoc}
*/
@Override
public ASN1Primitive toASN1Primitive()
{
return ac;
}
}