1 package org.bouncycastle.asn1.x509; 2 3 import java.math.BigInteger; 4 5 import org.bouncycastle.asn1.ASN1Boolean; 6 import org.bouncycastle.asn1.ASN1EncodableVector; 7 import org.bouncycastle.asn1.ASN1Integer; 8 import org.bouncycastle.asn1.ASN1Object; 9 import org.bouncycastle.asn1.ASN1Primitive; 10 import org.bouncycastle.asn1.ASN1Sequence; 11 import org.bouncycastle.asn1.ASN1TaggedObject; 12 import org.bouncycastle.asn1.DERSequence; 13 14 public class BasicConstraints 15 extends ASN1Object 16 { 17 ASN1Boolean cA = ASN1Boolean.getInstance(false); 18 ASN1Integer pathLenConstraint = null; 19 getInstance( ASN1TaggedObject obj, boolean explicit)20 public static BasicConstraints getInstance( 21 ASN1TaggedObject obj, 22 boolean explicit) 23 { 24 return getInstance(ASN1Sequence.getInstance(obj, explicit)); 25 } 26 getInstance( Object obj)27 public static BasicConstraints getInstance( 28 Object obj) 29 { 30 if (obj instanceof BasicConstraints) 31 { 32 return (BasicConstraints)obj; 33 } 34 if (obj instanceof X509Extension) 35 { 36 return getInstance(X509Extension.convertValueToObject((X509Extension)obj)); 37 } 38 if (obj != null) 39 { 40 return new BasicConstraints(ASN1Sequence.getInstance(obj)); 41 } 42 43 return null; 44 } 45 fromExtensions(Extensions extensions)46 public static BasicConstraints fromExtensions(Extensions extensions) 47 { 48 return BasicConstraints.getInstance(extensions.getExtensionParsedValue(Extension.basicConstraints)); 49 } 50 BasicConstraints( ASN1Sequence seq)51 private BasicConstraints( 52 ASN1Sequence seq) 53 { 54 if (seq.size() == 0) 55 { 56 this.cA = null; 57 this.pathLenConstraint = null; 58 } 59 else 60 { 61 if (seq.getObjectAt(0) instanceof ASN1Boolean) 62 { 63 this.cA = ASN1Boolean.getInstance(seq.getObjectAt(0)); 64 } 65 else 66 { 67 this.cA = null; 68 this.pathLenConstraint = ASN1Integer.getInstance(seq.getObjectAt(0)); 69 } 70 if (seq.size() > 1) 71 { 72 if (this.cA != null) 73 { 74 this.pathLenConstraint = ASN1Integer.getInstance(seq.getObjectAt(1)); 75 } 76 else 77 { 78 throw new IllegalArgumentException("wrong sequence in constructor"); 79 } 80 } 81 } 82 } 83 BasicConstraints( boolean cA)84 public BasicConstraints( 85 boolean cA) 86 { 87 if (cA) 88 { 89 this.cA = ASN1Boolean.getInstance(true); 90 } 91 else 92 { 93 this.cA = null; 94 } 95 this.pathLenConstraint = null; 96 } 97 98 /** 99 * create a cA=true object for the given path length constraint. 100 * 101 * @param pathLenConstraint 102 */ BasicConstraints( int pathLenConstraint)103 public BasicConstraints( 104 int pathLenConstraint) 105 { 106 this.cA = ASN1Boolean.getInstance(true); 107 this.pathLenConstraint = new ASN1Integer(pathLenConstraint); 108 } 109 isCA()110 public boolean isCA() 111 { 112 return (cA != null) && cA.isTrue(); 113 } 114 getPathLenConstraint()115 public BigInteger getPathLenConstraint() 116 { 117 if (pathLenConstraint != null) 118 { 119 return pathLenConstraint.getValue(); 120 } 121 122 return null; 123 } 124 125 /** 126 * Produce an object suitable for an ASN1OutputStream. 127 * <pre> 128 * BasicConstraints := SEQUENCE { 129 * cA BOOLEAN DEFAULT FALSE, 130 * pathLenConstraint INTEGER (0..MAX) OPTIONAL 131 * } 132 * </pre> 133 */ toASN1Primitive()134 public ASN1Primitive toASN1Primitive() 135 { 136 ASN1EncodableVector v = new ASN1EncodableVector(); 137 138 if (cA != null) 139 { 140 v.add(cA); 141 } 142 143 if (pathLenConstraint != null) // yes some people actually do this when cA is false... 144 { 145 v.add(pathLenConstraint); 146 } 147 148 return new DERSequence(v); 149 } 150 toString()151 public String toString() 152 { 153 if (pathLenConstraint == null) 154 { 155 if (cA == null) 156 { 157 return "BasicConstraints: isCa(false)"; 158 } 159 return "BasicConstraints: isCa(" + this.isCA() + ")"; 160 } 161 return "BasicConstraints: isCa(" + this.isCA() + "), pathLenConstraint = " + pathLenConstraint.getValue(); 162 } 163 } 164