All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bouncycastle.asn1.eac.CertificateHolderAuthorization Maven / Gradle / Ivy

package org.bouncycastle.asn1.eac;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.BERTags;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.util.Integers;

/**
 * an Iso7816CertificateHolderAuthorization structure.
 * 
 *  Certificate Holder Authorization ::= SEQUENCE {
 *      // specifies the format and the rules for the evaluation of the authorization
 *      // level
 *      ASN1ObjectIdentifier        oid,
 *      // access rights
 *      ASN1TaggedObject            accessRights,
 *  }
 * 
*/ public class CertificateHolderAuthorization extends ASN1Object { public static final ASN1ObjectIdentifier id_role_EAC = EACObjectIdentifiers.bsi_de.branch("3.1.2.1"); public static final int CVCA = 0xC0; public static final int DV_DOMESTIC = 0x80; public static final int DV_FOREIGN = 0x40; public static final int IS = 0; public static final int RADG4 = 0x02;//Read Access to DG4 (Iris) public static final int RADG3 = 0x01;//Read Access to DG3 (fingerprint) static Map RightsDecodeMap = new HashMap(); static BidirectionalMap AuthorizationRole = new BidirectionalMap(); static { RightsDecodeMap.put(Integers.valueOf(RADG4), "RADG4"); RightsDecodeMap.put(Integers.valueOf(RADG3), "RADG3"); AuthorizationRole.put(Integers.valueOf(CVCA), "CVCA"); AuthorizationRole.put(Integers.valueOf(DV_DOMESTIC), "DV_DOMESTIC"); AuthorizationRole.put(Integers.valueOf(DV_FOREIGN), "DV_FOREIGN"); AuthorizationRole.put(Integers.valueOf(IS), "IS"); } private ASN1ObjectIdentifier oid; private byte accessRights; public static String getRoleDescription(int i) { return (String)AuthorizationRole.get(Integers.valueOf(i)); } public static int getFlag(String description) { Integer i = (Integer)AuthorizationRole.getReverse(description); if (i == null) { throw new IllegalArgumentException("Unknown value " + description); } return i.intValue(); } private void setPrivateData(ASN1Sequence seq) { ASN1Primitive obj; obj = (ASN1Primitive)seq.getObjectAt(0); if (obj instanceof ASN1ObjectIdentifier) { this.oid = (ASN1ObjectIdentifier)obj; } else { throw new IllegalArgumentException("no Oid in CerticateHolderAuthorization"); } obj = (ASN1Primitive)seq.getObjectAt(1); if (obj instanceof ASN1TaggedObject) { ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj, BERTags.APPLICATION, EACTags.DISCRETIONARY_DATA); this.accessRights = ASN1OctetString.getInstance(tObj.getBaseUniversal(false, BERTags.OCTET_STRING)).getOctets()[0]; } else { throw new IllegalArgumentException("No access rights in CerticateHolderAuthorization"); } } /** * create an Iso7816CertificateHolderAuthorization according to the parameters * * @param oid Object Identifier : specifies the format and the rules for the * evaluatioin of the authorization level. * @param rights specifies the access rights * @throws IOException */ public CertificateHolderAuthorization(ASN1ObjectIdentifier oid, int rights) throws IOException { setOid(oid); setAccessRights((byte)rights); } /** * create an Iso7816CertificateHolderAuthorization according to the {@link ASN1TaggedObject} * * @param aSpe the ASN1TaggedObject containing the data * @throws IOException */ public CertificateHolderAuthorization(ASN1TaggedObject aSpe) throws IOException { if (aSpe.hasTag(BERTags.APPLICATION, EACTags.CERTIFICATE_HOLDER_AUTHORIZATION_TEMPLATE)) { setPrivateData(ASN1Sequence.getInstance(aSpe.getBaseUniversal(false, BERTags.SEQUENCE))); } else { throw new IllegalArgumentException("Unrecognized object in CerticateHolderAuthorization"); } } /** * @return containing the access rights */ public int getAccessRights() { return accessRights & 0xff; } /** * create an ASN1TaggedObject and set the access rights to "rights" * * @param rights byte containing the rights. */ private void setAccessRights(byte rights) { this.accessRights = rights; } /** * @return the Object identifier */ public ASN1ObjectIdentifier getOid() { return oid; } /** * set the Object Identifier * * @param oid {@link ASN1ObjectIdentifier} containing the Object Identifier */ private void setOid(ASN1ObjectIdentifier oid) { this.oid = oid; } /** * return the Certificate Holder Authorization as an ASN1TaggedObject */ public ASN1Primitive toASN1Primitive() { ASN1EncodableVector v = new ASN1EncodableVector(2); v.add(oid); v.add(EACTagged.create(EACTags.DISCRETIONARY_DATA, new byte[] { accessRights })); return EACTagged.create(EACTags.CERTIFICATE_HOLDER_AUTHORIZATION_TEMPLATE, new DERSequence(v)); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy