001/*
002 * Copyright 2017-2020 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2017-2020 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2017-2020 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.util.ssl.cert;
037
038
039
040import com.unboundid.util.OID;
041import com.unboundid.util.StaticUtils;
042import com.unboundid.util.ThreadSafety;
043import com.unboundid.util.ThreadSafetyLevel;
044
045import static com.unboundid.util.ssl.cert.CertMessages.*;
046
047
048
/**
 * This enum defines a set of key purpose OIDs that are known to be used in the
 * {@link ExtendedKeyUsageExtension}.  Every constant defined here lies under
 * the {@code 1.3.6.1.5.5.7.3} arc.
 * <BR><BR>
 * The set is not exhaustive.  An extended key usage extension may include OIDs
 * that have no constant in this enum (for example, the RFC 5280
 * {@code anyExtendedKeyUsage} OID {@code 2.5.29.37.0} is not represented), so
 * any code that makes use of the extension should be prepared to handle other
 * key usage IDs.  In particular, a {@code null} result from
 * {@link #forOID(OID)} or {@link #forName(String)} means only that the value
 * is not one of the constants below.  It says nothing about whether a
 * certificate is acceptable for a given purpose, and callers that enforce key
 * purposes should make that decision from the OIDs actually present in the
 * extension.
 */
@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
public enum ExtendedKeyUsageID
{
  /**
   * Indicates that the associated certificate may be used for TLS server
   * authentication (the RFC 5280 {@code id-kp-serverAuth} purpose).
   */
  TLS_SERVER_AUTHENTICATION("1.3.6.1.5.5.7.3.1",
       INFO_EXTENDED_KEY_USAGE_ID_TLS_SERVER_AUTHENTICATION.get()),



  /**
   * Indicates that the associated certificate may be used for TLS client
   * authentication (the RFC 5280 {@code id-kp-clientAuth} purpose).
   */
  TLS_CLIENT_AUTHENTICATION("1.3.6.1.5.5.7.3.2",
       INFO_EXTENDED_KEY_USAGE_ID_TLS_CLIENT_AUTHENTICATION.get()),



  /**
   * Indicates that the associated certificate may be used for code signing
   * (the RFC 5280 {@code id-kp-codeSigning} purpose).
   */
  CODE_SIGNING("1.3.6.1.5.5.7.3.3",
       INFO_EXTENDED_KEY_USAGE_ID_CODE_SIGNING.get()),



  /**
   * Indicates that the associated certificate may be used for email
   * protection (the RFC 5280 {@code id-kp-emailProtection} purpose).
   */
  EMAIL_PROTECTION("1.3.6.1.5.5.7.3.4",
       INFO_EXTENDED_KEY_USAGE_ID_EMAIL_PROTECTION.get()),



  /**
   * Indicates that the associated certificate may be used for time stamping
   * (the RFC 5280 {@code id-kp-timeStamping} purpose).
   */
  TIME_STAMPING("1.3.6.1.5.5.7.3.8",
       INFO_EXTENDED_KEY_USAGE_ID_TIME_STAMPING.get()),



  /**
   * Indicates that the associated certificate may be used for signing OCSP
   * responses (the RFC 5280 {@code id-kp-OCSPSigning} purpose).
   */
  OCSP_SIGNING("1.3.6.1.5.5.7.3.9",
       INFO_EXTENDED_KEY_USAGE_ID_OCSP_SIGNING.get());



  // The human-readable name for this extended key usage ID value.
  private final String name;

  // The OID for this extended key usage ID value.
  private final OID oid;



  /**
   * Creates a new extended key usage ID value with the provided information.
   *
   * @param  oidString  The string representation of the OID for this extended
   *                    key usage ID value.
   * @param  name       The human-readable name for this extended key usage ID
   *                    value.
   */
  ExtendedKeyUsageID(final String oidString, final String name)
  {
    oid = new OID(oidString);
    this.name = name;
  }



  /**
   * Retrieves the OID for this extended key usage ID value.
   *
   * @return  The OID for this extended key usage ID value.
   */
  public OID getOID()
  {
    return this.oid;
  }



  /**
   * Retrieves the human-readable name for this extended key usage ID value.
   *
   * @return  The human-readable name for this extended key usage ID value.
   */
  public String getName()
  {
    return this.name;
  }



  /**
   * Retrieves the extended key usage ID value with the specified OID.
   *
   * @param  oid  The OID of the extended key usage ID value to retrieve.  It
   *              must not be {@code null}.
   *
   * @return  The extended key usage ID value with the specified OID, or
   *          {@code null} if no constant in this enum has that OID.  A
   *          {@code null} result does not mean that the OID is invalid or that
   *          it is absent from a certificate, only that this enum does not
   *          define it.
   */
  public static ExtendedKeyUsageID forOID(final OID oid)
  {
    final ExtendedKeyUsageID[] knownIDs = values();
    for (int i = 0; i < knownIDs.length; i++)
    {
      final ExtendedKeyUsageID candidate = knownIDs[i];
      if (candidate.oid.equals(oid))
      {
        return candidate;
      }
    }

    // The OID does not correspond to any constant defined in this enum.
    return null;
  }



  /**
   * Retrieves the human-readable name for the extended key usage ID value with
   * the provided OID, or a string representation of the OID if there is no
   * value with that OID.
   *
   * @param  oid  The OID for the extended key usage ID to retrieve.  It should
   *              not be {@code null}, because the fallback path calls
   *              {@code toString()} on it.
   *
   * @return  The human-readable name for the extended key usage ID value with
   *            the provided OID, or a string representation of the OID if there
   *            is no value with that OID.
   */
  public static String getNameOrOID(final OID oid)
  {
    final ExtendedKeyUsageID match = forOID(oid);
    return (match == null) ? oid.toString() : match.name;
  }



  /**
   * Retrieves the extended key usage ID with the specified name.  The provided
   * name is lowercased with {@code StaticUtils.toLowerCase} and then compared
   * against the fixed set of aliases listed in this method.  The value
   * returned by {@link #getName()} is not consulted.
   *
   * @param  name  The name of the extended key usage ID to retrieve.  It must
   *               not be {@code null}.
   *
   * @return  The requested extended key usage ID, or {@code null} if the name
   *          is not one of the recognized aliases.
   */
  public static ExtendedKeyUsageID forName(final String name)
  {
    final String lowerName = StaticUtils.toLowerCase(name);
    switch (lowerName)
    {
      // Long and short aliases for TLS server authentication.
      case "tlsserverauthentication": case "tls-server-authentication":
      case "tls_server_authentication": case "tls server authentication":
      case "serverauth": case "server-auth":
      case "server_auth": case "server auth":
        return TLS_SERVER_AUTHENTICATION;

      // Long and short aliases for TLS client authentication.
      case "tlsclientauthentication": case "tls-client-authentication":
      case "tls_client_authentication": case "tls client authentication":
      case "clientauth": case "client-auth":
      case "client_auth": case "client auth":
        return TLS_CLIENT_AUTHENTICATION;

      // Aliases for code signing.
      case "codesigning": case "code-signing":
      case "code_signing": case "code signing":
        return CODE_SIGNING;

      // Aliases for email protection.
      case "emailprotection": case "email-protection":
      case "email_protection": case "email protection":
        return EMAIL_PROTECTION;

      // Aliases for time stamping.
      case "timestamping": case "time-stamping":
      case "time_stamping": case "time stamping":
        return TIME_STAMPING;

      // Aliases for OCSP response signing.
      case "ocspsigning": case "ocsp-signing":
      case "ocsp_signing": case "ocsp signing":
        return OCSP_SIGNING;

      // Anything else is not a name that this enum recognizes.
      default:
        return null;
    }
  }
}