package org.openpermis.cert; |
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.util.StreamParsingException;
import org.bouncycastle.x509.X509Attribute;
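/**
 * Role attribute of a certificate: a list of (hierarchy, role name) pairs that is
 * encoded as an {@link X509Attribute} under {@link #OID}, each pair being a
 * SEQUENCE of two UTF8Strings.
 *
 * <p>An instance always holds both representations. The role list is copied at
 * construction and exposed read-only, so it cannot drift away from the encoded
 * attribute after the object has been built.
 */
public class RoleAttribute
    implements Attribute
{

    /** Object identifier under which {@link #encode(List)} emits the attribute. */
    public static final String OID = "1.2.826.0.1.3344810.1.1.14";

    /** Read-only list of the roles; never empty. */
    private final List<RoleDefinition> roles;

    /** Encoded form of {@link #roles}. */
    private final X509Attribute attribute;

    /**
     * Creates a role attribute from its encoded form.
     *
     * @param attribute the encoded attribute to decode.
     * @throws StreamParsingException if a sequence value is not a pair of UTF8Strings
     *         or if the attribute yields no role at all.
     * @throws IllegalArgumentException if {@code attribute} is {@code null}.
     */
    public RoleAttribute (X509Attribute attribute) throws StreamParsingException {
        if (attribute == null) {
            throw new IllegalArgumentException("Attribute is null.");
        }
        this.attribute = attribute;
        this.roles = Collections.unmodifiableList(decode(attribute));
    }

    /**
     * Creates a role attribute from a list of role definitions.
     *
     * @param roles the roles to encode; must hold at least one non-null element.
     * @throws IllegalArgumentException if the list is {@code null}, empty or holds
     *         a {@code null} element.
     */
    public RoleAttribute (List<RoleDefinition> roles) {
        if (roles == null) {
            throw new IllegalArgumentException("List is null.");
        }
        // Encode a private snapshot: a caller that keeps modifying its own list must
        // not be able to make the role list disagree with the encoded attribute.
        final List<RoleDefinition> snapshot = new LinkedList<RoleDefinition>(roles);
        this.attribute = encode(snapshot);
        this.roles = Collections.unmodifiableList(snapshot);
    }

    /**
     * Returns the roles of this attribute.
     *
     * @return a read-only list holding at least one role definition.
     */
    public List<RoleDefinition> getRoles () {
        return this.roles;
    }

    /**
     * Extracts the role definitions from the values of an encoded attribute.
     *
     * @param attribute the attribute whose values are read.
     * @return the decoded roles in value order, never empty.
     * @throws StreamParsingException if a sequence value does not consist of exactly
     *         two UTF8Strings or if no role was found.
     */
    private static List<RoleDefinition> decode (X509Attribute attribute)
        throws StreamParsingException
    {
        // NOTE(review): the attribute's own OID is not compared with OID here, so any
        // attribute whose values have the right shape decodes as roles. Confirm that
        // every caller selects the attribute by OID before trusting the result.
        final List<RoleDefinition> result = new LinkedList<RoleDefinition>();
        for (ASN1Encodable value : attribute.getValues()) {
            // NOTE(review): values that are not sequences are skipped, not rejected;
            // an attribute mixing such values with valid pairs is accepted.
            if (!(value instanceof ASN1Sequence)) {
                continue;
            }
            final ASN1Sequence sequence = (ASN1Sequence) value;
            final boolean isPair =
                sequence.size() == 2 &&
                sequence.getObjectAt(0) instanceof DERUTF8String &&
                sequence.getObjectAt(1) instanceof DERUTF8String;
            if (!isPair) {
                throw new StreamParsingException("Not a valid role attribute value", null);
            }
            final String hierarchy = ((DERUTF8String) sequence.getObjectAt(0)).toString();
            final String role = ((DERUTF8String) sequence.getObjectAt(1)).toString();
            result.add(new RoleDefinition(hierarchy, role));
        }
        if (result.isEmpty()) {
            throw new StreamParsingException("Not a valid role attribute", null);
        }
        return result;
    }

    /**
     * Encodes role definitions as an attribute with the identifier {@link #OID}.
     *
     * @param roles the roles to encode.
     * @return an attribute holding one two-element sequence per role.
     * @throws IllegalArgumentException if the list is {@code null}, empty or holds
     *         a {@code null} element.
     */
    private static X509Attribute encode (List<RoleDefinition> roles) {
        if (roles == null) {
            throw new IllegalArgumentException("List is null.");
        }
        if (roles.isEmpty()) {
            throw new IllegalArgumentException("List is empty.");
        }
        final ASN1EncodableVector vector = new ASN1EncodableVector();
        for (RoleDefinition roleDef : roles) {
            if (roleDef == null) {
                throw new IllegalArgumentException("List contains a null role definition.");
            }
            vector.add(
                new DERSequence(
                    new ASN1Encodable[] {
                        new DERUTF8String(roleDef.getHierarchy()),
                        new DERUTF8String(roleDef.getName())
                    }
                )
            );
        }
        return new X509Attribute(OID, vector);
    }

    /**
     * Returns the encoded form of this role attribute.
     *
     * @return the attribute passed to or built by the constructor.
     */
    public X509Attribute getAttribute () {
        return this.attribute;
    }

    /**
     * A role, identified by the name of its hierarchy and its own name.
     * Two definitions are equal if both names are equal.
     */
    public static class RoleDefinition {

        private final String name;

        private final String hierarchy;

        /**
         * Creates a role definition.
         *
         * @param hierarchy the name of the role hierarchy, not {@code null}.
         * @param name the name of the role, not {@code null}.
         * @throws IllegalArgumentException if either argument is {@code null}.
         */
        public RoleDefinition (String hierarchy, String name) {
            if (hierarchy == null || name == null) {
                throw new IllegalArgumentException("Hierarchy or role is null.");
            }
            this.hierarchy = hierarchy;
            this.name = name;
        }

        /**
         * @return the name of the role, never {@code null}.
         */
        public String getName () {
            return this.name;
        }

        /**
         * @return the name of the role hierarchy, never {@code null}.
         */
        public String getHierarchy () {
            return this.hierarchy;
        }

        /**
         * Compares role name and hierarchy of two role definitions.
         */
        @Override
        public boolean equals (Object object) {
            if (object == this) {
                return true;
            }
            // instanceof is false for null, so no separate null check is needed.
            if (!(object instanceof RoleDefinition)) {
                return false;
            }
            final RoleDefinition other = (RoleDefinition) object;
            return
                getName().equals(other.getName()) &&
                getHierarchy().equals(other.getHierarchy());
        }

        /**
         * Combines both names so that an empty name (hash code 0) does not collapse
         * the whole hash to 0 and swapping the two names gives a different hash.
         */
        @Override
        public int hashCode () {
            return 31 * getHierarchy().hashCode() + getName().hashCode();
        }

    }

}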