org.bouncycastle.cert.selector.X509AttributeCertificateHolderSelectorBuilder Maven / Gradle / Ivy
package org.bouncycastle.cert.selector; import java.io.IOException; import java.math.BigInteger; import java.util.Collection; import java.util.Collections; import java.util.Date; import java.util.HashSet; import java.util.Iterator; import java.util.Set; import org.bouncycastle.asn1.x509.GeneralName; import org.bouncycastle.cert.AttributeCertificateHolder; import org.bouncycastle.cert.AttributeCertificateIssuer; import org.bouncycastle.cert.X509AttributeCertificateHolder; /** * This class builds selectors according to the set criteria. */ public class X509AttributeCertificateHolderSelectorBuilder { // TODO: name constraints??? private AttributeCertificateHolder holder; private AttributeCertificateIssuer issuer; private BigInteger serialNumber; private Date attributeCertificateValid; private X509AttributeCertificateHolder attributeCert; private Collection targetNames = new HashSet(); private Collection targetGroups = new HashSet(); public X509AttributeCertificateHolderSelectorBuilder() { } /** * Set the attribute certificate to be matched. If null
is * given any will do. * * @param attributeCert The attribute certificate holder to set. */ public void setAttributeCert(X509AttributeCertificateHolder attributeCert) { this.attributeCert = attributeCert; } /** * Set the time, when the certificate must be valid. If null * is given any will do. * * @param attributeCertificateValid The attribute certificate validation * time to set. */ public void setAttributeCertificateValid(Date attributeCertificateValid) { if (attributeCertificateValid != null) { this.attributeCertificateValid = new Date(attributeCertificateValid .getTime()); } else { this.attributeCertificateValid = null; } } /** * Sets the holder. If null is given any will do. * * @param holder The holder to set. */ public void setHolder(AttributeCertificateHolder holder) { this.holder = holder; } /** * Sets the issuer the attribute certificate must have. If null * is given any will do. * * @param issuer The issuer to set. */ public void setIssuer(AttributeCertificateIssuer issuer) { this.issuer = issuer; } /** * Sets the serial number the attribute certificate must have. If * null is given any will do. * * @param serialNumber The serialNumber to set. */ public void setSerialNumber(BigInteger serialNumber) { this.serialNumber = serialNumber; } /** * Adds a target name criterion for the attribute certificate to the target * information extension criteria. The X509AttributeCertificateHolder * must contain at least one of the specified target names. ** Each attribute certificate may contain a target information extension * limiting the servers where this attribute certificate can be used. If * this extension is not present, the attribute certificate is not targeted * and may be accepted by any server. * * @param name The name as a GeneralName (not null) */ public void addTargetName(GeneralName name) { targetNames.add(name); } /** * Adds a collection with target names criteria. If null is * given any will do. *
* The collection consists of either GeneralName objects or byte[] arrays representing * DER encoded GeneralName structures. * * @param names A collection of target names. * @throws java.io.IOException if a parsing error occurs. * @see #addTargetName(org.bouncycastle.asn1.x509.GeneralName) */ public void setTargetNames(Collection names) throws IOException { targetNames = extractGeneralNames(names); } /** * Adds a target group criterion for the attribute certificate to the target * information extension criteria. The X509AttributeCertificateHolder * must contain at least one of the specified target groups. *
* Each attribute certificate may contain a target information extension * limiting the servers where this attribute certificate can be used. If * this extension is not present, the attribute certificate is not targeted * and may be accepted by any server. * * @param group The group as GeneralName form (not null) */ public void addTargetGroup(GeneralName group) { targetGroups.add(group); } /** * Adds a collection with target groups criteria. If null is * given any will do. *
* The collection consists of GeneralName objects or byte[] * representing DER encoded GeneralNames. * * @param names A collection of target groups. * @throws java.io.IOException if a parsing error occurs. * @see #addTargetGroup(org.bouncycastle.asn1.x509.GeneralName) */ public void setTargetGroups(Collection names) throws IOException { targetGroups = extractGeneralNames(names); } private Set extractGeneralNames(Collection names) throws IOException { if (names == null || names.isEmpty()) { return new HashSet(); } Set temp = new HashSet(); for (Iterator it = names.iterator(); it.hasNext();) { temp.add(GeneralName.getInstance(it.next())); } return temp; } public X509AttributeCertificateHolderSelector build() { X509AttributeCertificateHolderSelector sel = new X509AttributeCertificateHolderSelector( holder, issuer, serialNumber, attributeCertificateValid, attributeCert, Collections.unmodifiableCollection(new HashSet(targetNames)), Collections.unmodifiableCollection(new HashSet(targetGroups))); return sel; } }