diff options
Diffstat (limited to 'core/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java | 181 |
1 files changed, 0 insertions, 181 deletions
diff --git a/core/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java b/core/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java deleted file mode 100644 index 5c12016e..00000000 --- a/core/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java +++ /dev/null @@ -1,181 +0,0 @@ -package org.bouncycastle.asn1.isismtt.ocsp; - -import java.io.IOException; - -import org.bouncycastle.asn1.ASN1Choice; -import org.bouncycastle.asn1.ASN1Object; -import org.bouncycastle.asn1.ASN1OctetString; -import org.bouncycastle.asn1.ASN1Primitive; -import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DEROctetString; -import org.bouncycastle.asn1.DERTaggedObject; -import org.bouncycastle.asn1.x509.Certificate; - -/** - * ISIS-MTT-Optional: The certificate requested by the client by inserting the - * RetrieveIfAllowed extension in the request, will be returned in this - * extension. - * <p> - * ISIS-MTT-SigG: The signature act allows publishing certificates only then, - * when the certificate owner gives his explicit permission. Accordingly, there - * may be �nondownloadable� certificates, about which the responder must provide - * status information, but MUST NOT include them in the response. Clients may - * get therefore the following three kind of answers on a single request - * including the RetrieveIfAllowed extension: - * <ul> - * <li> a) the responder supports the extension and is allowed to publish the - * certificate: RequestedCertificate returned including the requested - * certificate - * <li>b) the responder supports the extension but is NOT allowed to publish - * the certificate: RequestedCertificate returned including an empty OCTET - * STRING - * <li>c) the responder does not support the extension: RequestedCertificate is - * not included in the response - * </ul> - * Clients requesting RetrieveIfAllowed MUST be able to handle these cases. If - * any of the OCTET STRING options is used, it MUST contain the DER encoding of - * the requested certificate. - * <pre> - * RequestedCertificate ::= CHOICE { - * Certificate Certificate, - * publicKeyCertificate [0] EXPLICIT OCTET STRING, - * attributeCertificate [1] EXPLICIT OCTET STRING - * } - * </pre> - */ -public class RequestedCertificate - extends ASN1Object - implements ASN1Choice -{ - public static final int certificate = -1; - public static final int publicKeyCertificate = 0; - public static final int attributeCertificate = 1; - - private Certificate cert; - private byte[] publicKeyCert; - private byte[] attributeCert; - - public static RequestedCertificate getInstance(Object obj) - { - if (obj == null || obj instanceof RequestedCertificate) - { - return (RequestedCertificate)obj; - } - - if (obj instanceof ASN1Sequence) - { - return new RequestedCertificate(Certificate.getInstance(obj)); - } - if (obj instanceof ASN1TaggedObject) - { - return new RequestedCertificate((ASN1TaggedObject)obj); - } - - throw new IllegalArgumentException("illegal object in getInstance: " - + obj.getClass().getName()); - } - - public static RequestedCertificate getInstance(ASN1TaggedObject obj, boolean explicit) - { - if (!explicit) - { - throw new IllegalArgumentException("choice item must be explicitly tagged"); - } - - return getInstance(obj.getObject()); - } - - private RequestedCertificate(ASN1TaggedObject tagged) - { - if (tagged.getTagNo() == publicKeyCertificate) - { - publicKeyCert = ASN1OctetString.getInstance(tagged, true).getOctets(); - } - else if (tagged.getTagNo() == attributeCertificate) - { - attributeCert = ASN1OctetString.getInstance(tagged, true).getOctets(); - } - else - { - throw new IllegalArgumentException("unknown tag number: " + tagged.getTagNo()); - } - } - - /** - * Constructor from a given details. - * <p> - * Only one parameter can be given. All other must be <code>null</code>. - * - * @param certificate Given as Certificate - */ - public RequestedCertificate(Certificate certificate) - { - this.cert = certificate; - } - - public RequestedCertificate(int type, byte[] certificateOctets) - { - this(new DERTaggedObject(type, new DEROctetString(certificateOctets))); - } - - public int getType() - { - if (cert != null) - { - return certificate; - } - if (publicKeyCert != null) - { - return publicKeyCertificate; - } - return attributeCertificate; - } - - public byte[] getCertificateBytes() - { - if (cert != null) - { - try - { - return cert.getEncoded(); - } - catch (IOException e) - { - throw new IllegalStateException("can't decode certificate: " + e); - } - } - if (publicKeyCert != null) - { - return publicKeyCert; - } - return attributeCert; - } - - /** - * Produce an object suitable for an ASN1OutputStream. - * <p> - * Returns: - * <pre> - * RequestedCertificate ::= CHOICE { - * Certificate Certificate, - * publicKeyCertificate [0] EXPLICIT OCTET STRING, - * attributeCertificate [1] EXPLICIT OCTET STRING - * } - * </pre> - * - * @return a DERObject - */ - public ASN1Primitive toASN1Primitive() - { - if (publicKeyCert != null) - { - return new DERTaggedObject(0, new DEROctetString(publicKeyCert)); - } - if (attributeCert != null) - { - return new DERTaggedObject(1, new DEROctetString(attributeCert)); - } - return cert.toASN1Primitive(); - } -} |