>From 9867ca570ed1a332ab0cd8d573158279539488bd Mon Sep 17 00:00:00 2001
From: Fraser Tweedale
Date: Mon, 11 Aug 2014 03:10:04 -0400
Subject: [PATCH] Add IECUserRolesExtension class
---
.../security/extensions/IECUserRolesExtension.java | 174 +++++++++++++++++++++
1 file changed, 174 insertions(+)
create mode 100644 base/util/src/netscape/security/extensions/IECUserRolesExtension.java
diff --git a/base/util/src/netscape/security/extensions/IECUserRolesExtension.java b/base/util/src/netscape/security/extensions/IECUserRolesExtension.java
new file mode 100644
index 0000000000000000000000000000000000000000..4bf9a0a2753d5b6dd072d462fcf7f3c28a96cc35
--- /dev/null
+++ b/base/util/src/netscape/security/extensions/IECUserRolesExtension.java
@@ -0,0 +1,174 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2014 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package netscape.security.extensions;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.cert.CertificateException;
+import java.util.Enumeration;
+import java.util.Vector;
+
+import netscape.security.util.BigInt;
+import netscape.security.util.DerOutputStream;
+import netscape.security.util.DerValue;
+import netscape.security.util.ObjectIdentifier;
+import netscape.security.x509.CertAttrSet;
+import netscape.security.x509.Extension;
+import netscape.security.x509.OIDMap;
+
+/**
+ * This represents the IEC 62351-8 IECUserRoles extension.
+ */
+public class IECUserRolesExtension extends Extension implements CertAttrSet {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 172340873242193489L;
+
+ public static final String OID = "1.2.840.10070.8.1";
+
+ private Vector roles;
+ private int op;
+
+ static {
+ try {
+ OIDMap.addAttribute(IECUserRolesExtension.class.getName(),
+ OID, IECUserRolesExtension.class.getName());
+ } catch (CertificateException e) {
+ }
+ }
+
+ public IECUserRolesExtension(Vector userRoles, int operation) {
+ try {
+ extensionId = ObjectIdentifier.getObjectIdentifier(OID);
+ } catch (IOException e) {
+ // never here
+ }
+
+ roles = userRoles;
+ op = operation; // TODO restrict to 1..3
+ }
+
+ public IECUserRolesExtension(Boolean crit, Object byteVal)
+ throws IOException {
+ extensionId = ObjectIdentifier.getObjectIdentifier(OID);
+ critical = crit.booleanValue();
+ extensionValue = ((byte[]) byteVal).clone();
+ }
+
+ @Override
+ public String toString() {
+ String presentation = "oid=" + OID + " ";
+
+ if (critical) {
+ presentation += "critical=true";
+ }
+ if (extensionValue != null) {
+ StringBuffer extByteValue = new StringBuffer(" val=");
+ for (int i = 0; i < extensionValue.length; i++) {
+ extByteValue.append(extensionValue[i] + " ");
+ }
+ presentation += extByteValue.toString();
+ }
+ return presentation;
+ }
+
+ public void decode(InputStream in)
+ throws CertificateException, IOException {
+ }
+
+ public void encode(DerOutputStream out) throws IOException {
+ encodeExtValue();
+ super.encode(out);
+ }
+
+ public void encode(OutputStream out)
+ throws CertificateException, IOException {
+ DerOutputStream temp = new DerOutputStream();
+ encode(temp);
+ out.write(temp.toByteArray());
+ }
+
+ public void set(String name, Object obj)
+ throws CertificateException, IOException {
+ // NOT USED
+ }
+
+ public Object get(String name) throws CertificateException, IOException {
+ // NOT USED
+ return null;
+ }
+
+ public Enumeration getAttributeNames() {
+ return null;
+ }
+
+ public String getName() {
+ return OID;
+ }
+
+ public void delete(String name)
+ throws CertificateException, IOException {
+ // NOT USED
+ }
+
+ private void encodeExtValue() throws IOException {
+ if (extensionValue != null)
+ return;
+
+ DerOutputStream outUserRoleInfo = new DerOutputStream();
+
+ // write userRole SEQUENCE SIZE (1..MAX) OF RoleID
+ DerOutputStream outRoles = new DerOutputStream();
+ for (int role : roles) {
+ outRoles.putInteger(new BigInt(role));
+ }
+ outUserRoleInfo.write(DerValue.tag_Sequence, outRoles);
+
+ // write aor (area of responsibility) UTF8String (SIZE(1..64))
+ outUserRoleInfo.putUTF8String(""); // TODO aor parameter
+
+ // write revision INTEGER (0..255)
+ outUserRoleInfo.putInteger(new BigInt(1)); // TODO revision parameter
+
+ // write roleDefinition UTF8String (0..23) OPTIONAL
+ String roleDefinition = "IEC62351-8";
+ outUserRoleInfo.putUTF8String(roleDefinition);
+
+ // write operation Operation OPTIONAL
+ if (op >= 1 && op <= 3) {
+ outUserRoleInfo.putEnumerated(op);
+ } else {
+ outUserRoleInfo.putNull();
+ }
+
+ // write statusChangeSequenceNumber INTEGER (0.. 4 294 967 295) OPTIONAL
+ outUserRoleInfo.putNull(); // TODO statusChangeSequenceNumber parameter
+
+ // write UserRoleInfo SEQUENCE (of the above information)
+ DerOutputStream outIECUserRoles = new DerOutputStream();
+ outIECUserRoles.write(DerValue.tag_Sequence, outUserRoleInfo);
+
+ // write IECUserRoles SEQUENCE OF UserRoleInfo
+ DerOutputStream out = new DerOutputStream();
+ out.write(DerValue.tag_Sequence, outIECUserRoles);
+
+ extensionValue = out.toByteArray();
+ }
+}
--
1.9.3
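Review bot: In `encodeExtValue`, absent OPTIONAL fields are written as ASN.1 NULL (the `else { outUserRoleInfo.putNull(); }` branch for `operation` and the unconditional `outUserRoleInfo.putNull()` for `statusChangeSequenceNumber`), whereas DER encodes an absent OPTIONAL component by omitting it, so a relying party that parses UserRoleInfo strictly would be expected to reject or mis-read a certificate carrying this authorization extension. I would drop both `putNull()` calls and keep only `if (op >= 1 && op <= 3) { outUserRoleInfo.putEnumerated(op); }`, with the constructor enforcing the range its `// TODO restrict to 1..3` mentions. The same method writes `putUTF8String("")` for `aor` although the comment above it gives `SIZE(1..64)`, and nothing checks that `roles` is non-null and non-empty for `SIZE (1..MAX)`; both should fail at construction rather than emit a value that violates the stated constraints. Separately, the empty `catch (CertificateException e) { }` in the static initializer hides a failed OID registration and should at least report the error.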