All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bouncycastle.asn1.eac.CertificateHolderAuthorization Maven / Gradle / Ivy

Go to download

The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls with the BC FIPS provider. The APIs may also be used with other providers although if being used in a FIPS context it is the responsibility of the user to ensure that any other providers used are FIPS certified and used appropriately.

The newest version!
package org.bouncycastle.asn1.eac;

import java.io.IOException;
import java.util.Hashtable;

import org.bouncycastle.asn1.ASN1ApplicationSpecific;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DERApplicationSpecific;
import org.bouncycastle.util.Integers;

/**
 * an Iso7816CertificateHolderAuthorization structure.
 * 
 *  Certificate Holder Authorization ::= SEQUENCE {
 *      // specifies the format and the rules for the evaluation of the authorization
 *      // level
 *      ASN1ObjectIdentifier        oid,
 *      // access rights
 *      DERApplicationSpecific    accessRights,
 *  }
 * 
*/ public class CertificateHolderAuthorization extends ASN1Object { ASN1ObjectIdentifier oid; ASN1ApplicationSpecific accessRights; public static final ASN1ObjectIdentifier id_role_EAC = EACObjectIdentifiers.bsi_de.branch("3.1.2.1"); public static final int CVCA = 0xC0; public static final int DV_DOMESTIC = 0x80; public static final int DV_FOREIGN = 0x40; public static final int IS = 0; public static final int RADG4 = 0x02;//Read Access to DG4 (Iris) public static final int RADG3 = 0x01;//Read Access to DG3 (fingerprint) static Hashtable RightsDecodeMap = new Hashtable(); static BidirectionalMap AuthorizationRole = new BidirectionalMap(); static { RightsDecodeMap.put(Integers.valueOf(RADG4), "RADG4"); RightsDecodeMap.put(Integers.valueOf(RADG3), "RADG3"); AuthorizationRole.put(Integers.valueOf(CVCA), "CVCA"); AuthorizationRole.put(Integers.valueOf(DV_DOMESTIC), "DV_DOMESTIC"); AuthorizationRole.put(Integers.valueOf(DV_FOREIGN), "DV_FOREIGN"); AuthorizationRole.put(Integers.valueOf(IS), "IS"); /* for (int i : RightsDecodeMap.keySet()) ReverseMap.put(RightsDecodeMap.get(i), i); for (int i : AuthorizationRole.keySet()) ReverseMap.put(AuthorizationRole.get(i), i); */ } public static String getRoleDescription(int i) { return (String)AuthorizationRole.get(Integers.valueOf(i)); } public static int getFlag(String description) { Integer i = (Integer)AuthorizationRole.getReverse(description); if (i == null) { throw new IllegalArgumentException("Unknown value " + description); } return i.intValue(); } private void setPrivateData(ASN1InputStream cha) throws IOException { ASN1Primitive obj; obj = cha.readObject(); if (obj instanceof ASN1ObjectIdentifier) { this.oid = (ASN1ObjectIdentifier)obj; } else { throw new IllegalArgumentException("no Oid in CerticateHolderAuthorization"); } obj = cha.readObject(); if (obj instanceof ASN1ApplicationSpecific) { this.accessRights = (ASN1ApplicationSpecific)obj; } else { throw new IllegalArgumentException("No access rights in CerticateHolderAuthorization"); } } /** * create an Iso7816CertificateHolderAuthorization according to the parameters * * @param oid Object Identifier : specifies the format and the rules for the * evaluatioin of the authorization level. * @param rights specifies the access rights * @throws IOException */ public CertificateHolderAuthorization(ASN1ObjectIdentifier oid, int rights) throws IOException { setOid(oid); setAccessRights((byte)rights); } // compatibility constructor for older APIs. public CertificateHolderAuthorization(DERApplicationSpecific aSpe) throws IOException { this(ASN1ApplicationSpecific.getInstance(aSpe)); } /** * create an Iso7816CertificateHolderAuthorization according to the {@link ASN1ApplicationSpecific} * * @param aSpe the DERApplicationSpecific containing the data * @throws IOException */ public CertificateHolderAuthorization(ASN1ApplicationSpecific aSpe) throws IOException { if (aSpe.getApplicationTag() == EACTags.CERTIFICATE_HOLDER_AUTHORIZATION_TEMPLATE) { setPrivateData(new ASN1InputStream(aSpe.getContents())); } } /** * @return containing the access rights */ public int getAccessRights() { return accessRights.getContents()[0] & 0xff; } /** * create a DERApplicationSpecific and set the access rights to "rights" * * @param rights byte containing the rights. */ private void setAccessRights(byte rights) { byte[] accessRights = new byte[1]; accessRights[0] = rights; this.accessRights = new DERApplicationSpecific(EACTags.DISCRETIONARY_DATA, accessRights); } /** * @return the Object identifier */ public ASN1ObjectIdentifier getOid() { return oid; } /** * set the Object Identifier * * @param oid {@link ASN1ObjectIdentifier} containing the Object Identifier */ private void setOid(ASN1ObjectIdentifier oid) { this.oid = oid; } /** * return the Certificate Holder Authorization as a DERApplicationSpecific Object */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(oid); v.add(accessRights); return new DERApplicationSpecific(EACTags.CERTIFICATE_HOLDER_AUTHORIZATION_TEMPLATE, v); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy