org.bouncycastle.cert.selector.X509AttributeCertificateSelector Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bcmail Show documentation
Show all versions of bcmail Show documentation
A patched bouncycastle-mail
The newest version!
package org.bouncycastle.cert.selector;
import java.math.BigInteger;
import java.util.Collection;
import java.util.Date;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.Target;
import org.bouncycastle.asn1.x509.TargetInformation;
import org.bouncycastle.asn1.x509.Targets;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.cert.AttributeCertificateHolder;
import org.bouncycastle.cert.AttributeCertificateIssuer;
import org.bouncycastle.cert.X509AttributeCertificateHolder;
import org.bouncycastle.util.Selector;
/**
* This class is an Selector
like implementation to select
* attribute certificates from a given set of criteria.
*/
public class X509AttributeCertificateSelector
implements Selector
{
// TODO: name constraints???
private final AttributeCertificateHolder holder;
private final AttributeCertificateIssuer issuer;
private final BigInteger serialNumber;
private final Date attributeCertificateValid;
private final X509AttributeCertificateHolder attributeCert;
private final Collection targetNames;
private final Collection targetGroups;
X509AttributeCertificateSelector(
AttributeCertificateHolder holder,
AttributeCertificateIssuer issuer,
BigInteger serialNumber,
Date attributeCertificateValid,
X509AttributeCertificateHolder attributeCert,
Collection targetNames,
Collection targetGroups)
{
this.holder = holder;
this.issuer = issuer;
this.serialNumber = serialNumber;
this.attributeCertificateValid = attributeCertificateValid;
this.attributeCert = attributeCert;
this.targetNames = targetNames;
this.targetGroups = targetGroups;
}
/**
* Decides if the given attribute certificate should be selected.
*
* @param obj The X509AttributeCertificateHolder which should be checked.
* @return true
if the attribute certificate is a match
* false
otherwise.
*/
public boolean match(Object obj)
{
if (!(obj instanceof X509AttributeCertificateHolder))
{
return false;
}
X509AttributeCertificateHolder attrCert = (X509AttributeCertificateHolder)obj;
if (this.attributeCert != null)
{
if (!this.attributeCert.equals(attrCert))
{
return false;
}
}
if (serialNumber != null)
{
if (!attrCert.getSerialNumber().equals(serialNumber))
{
return false;
}
}
if (holder != null)
{
if (!attrCert.getHolder().equals(holder))
{
return false;
}
}
if (issuer != null)
{
if (!attrCert.getIssuer().equals(issuer))
{
return false;
}
}
if (attributeCertificateValid != null)
{
if (!attrCert.isValidOn(attributeCertificateValid))
{
return false;
}
}
if (!targetNames.isEmpty() || !targetGroups.isEmpty())
{
X509Extension targetInfoExt = attrCert.getExtension(X509Extension.targetInformation);
if (targetInfoExt != null)
{
TargetInformation targetinfo;
try
{
targetinfo = TargetInformation.getInstance(targetInfoExt.getParsedValue());
}
catch (IllegalArgumentException e)
{
return false;
}
Targets[] targetss = targetinfo.getTargetsObjects();
if (!targetNames.isEmpty())
{
boolean found = false;
for (int i=0; i
* The returned collection is immutable.
*
* @return The collection of target names
*/
public Collection getTargetNames()
{
return targetNames;
}
/**
* Gets the target groups. The collection consists of GeneralName objects.
*
* The returned collection is immutable.
*
* @return The collection of target groups.
*/
public Collection getTargetGroups()
{
return targetGroups;
}
}