001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.geronimo.crypto.asn1.x509;
017:
018: import org.apache.geronimo.crypto.asn1.ASN1Encodable;
019: import org.apache.geronimo.crypto.asn1.ASN1Sequence;
020: import org.apache.geronimo.crypto.asn1.ASN1TaggedObject;
021: import org.apache.geronimo.crypto.asn1.DERBitString;
022: import org.apache.geronimo.crypto.asn1.DERInteger;
023: import org.apache.geronimo.crypto.asn1.DERObject;
024: import org.apache.geronimo.crypto.asn1.DERTaggedObject;
025: import org.apache.geronimo.crypto.asn1.pkcs.PKCSObjectIdentifiers;
026:
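/**
 * The TBSCertificate object: the to-be-signed body of an X.509 certificate.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
 * will parse them, but you really shouldn't be creating new ones.
 * <p>
 * This class only decodes the structure. Nothing here verifies a signature,
 * compares the validity dates with the current time, or interprets the
 * extensions, so a successfully constructed instance says nothing about
 * whether the certificate should be trusted. Callers must perform those
 * checks themselves.
 * <p>
 * Certificates normally arrive from untrusted peers, so the constructor
 * rejects sequences that are too short or whose elements have the wrong
 * ASN.1 shape with an {@link IllegalArgumentException} instead of letting a
 * cast or index failure escape.
 */
public class TBSCertificateStructure extends ASN1Encodable implements
        X509ObjectIdentifiers, PKCSObjectIdentifiers {
    // The sequence this instance was decoded from; returned as-is by toASN1Object().
    ASN1Sequence seq;

    DERInteger version;
    DERInteger serialNumber;
    AlgorithmIdentifier signature;
    X509Name issuer;
    Time startDate, endDate;
    X509Name subject;
    SubjectPublicKeyInfo subjectPublicKeyInfo;
    // The three optional fields below stay null when the certificate omits them.
    DERBitString issuerUniqueId;
    DERBitString subjectUniqueId;
    X509Extensions extensions;

    /**
     * Decodes a TBSCertificate carried inside a tagged object.
     *
     * @param obj      the tagged object wrapping the sequence
     * @param explicit passed through to {@code ASN1Sequence.getInstance}
     * @return the decoded structure
     * @throws IllegalArgumentException if the content is not a well-formed
     *                                  TBSCertificate sequence
     */
    public static TBSCertificateStructure getInstance(
            ASN1TaggedObject obj, boolean explicit) {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Returns {@code obj} itself when it already is a
     * {@code TBSCertificateStructure}, or decodes it when it is an
     * {@code ASN1Sequence}.
     *
     * @param obj the object to convert
     * @return the existing or newly decoded structure
     * @throws IllegalArgumentException if {@code obj} is of any other type
     *                                  (including {@code null}) or is a
     *                                  malformed sequence
     */
    public static TBSCertificateStructure getInstance(Object obj) {
        if (obj instanceof TBSCertificateStructure) {
            return (TBSCertificateStructure) obj;
        }
        if (obj instanceof ASN1Sequence) {
            return new TBSCertificateStructure((ASN1Sequence) obj);
        }

        throw new IllegalArgumentException("unknown object in factory");
    }

    /**
     * Decodes the fields of a TBSCertificate from {@code seq}.
     * <p>
     * Leniencies that callers validating untrusted certificates should be
     * aware of (all inherited from the original parser and kept for
     * compatibility):
     * <ul>
     * <li>the tag number of a leading tagged element is not checked to be 0;</li>
     * <li>trailing optional elements are accepted in any order, and when a
     * tag is repeated the occurrence closest to the start of the sequence
     * wins, because the trailing elements are visited last-to-first;</li>
     * <li>trailing elements with a tag other than 1, 2 or 3 are ignored;</li>
     * <li>unique identifiers and extensions are accepted regardless of the
     * declared version.</li>
     * </ul>
     *
     * @param seq the decoded ASN.1 sequence; also kept and returned unchanged
     *            by {@link #toASN1Object()}
     * @throws IllegalArgumentException if the sequence has too few elements,
     *                                  the validity element is not a
     *                                  two-element sequence, or a trailing
     *                                  element is not a tagged object
     */
    public TBSCertificateStructure(ASN1Sequence seq) {
        this.seq = seq;

        // Six fields are mandatory even when the optional version is absent;
        // checking first keeps the index lookups below in range.
        if (seq.size() < 6) {
            throw new IllegalArgumentException(
                    "TBSCertificate too short: " + seq.size() + " elements");
        }

        int seqStart = 0;

        //
        // some certificates don't include a version number - we assume v1
        //
        if (seq.getObjectAt(0) instanceof DERTaggedObject) {
            version = DERInteger.getInstance(seq.getObjectAt(0));
        } else {
            seqStart = -1; // field 0 is missing!
            version = new DERInteger(0);
        }

        // Index of the last mandatory element (subjectPublicKeyInfo).
        int lastMandatory = seqStart + 6;
        if (seq.size() <= lastMandatory) {
            throw new IllegalArgumentException(
                    "TBSCertificate too short: " + seq.size() + " elements");
        }

        serialNumber = DERInteger.getInstance(seq.getObjectAt(seqStart + 1));

        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
        issuer = X509Name.getInstance(seq.getObjectAt(seqStart + 3));

        //
        // before and after dates
        //
        Object validity = seq.getObjectAt(seqStart + 4);
        if (!(validity instanceof ASN1Sequence)) {
            throw new IllegalArgumentException(
                    "TBSCertificate validity is not a sequence");
        }
        ASN1Sequence dates = (ASN1Sequence) validity;
        if (dates.size() < 2) {
            throw new IllegalArgumentException(
                    "TBSCertificate validity too short: " + dates.size() + " elements");
        }

        startDate = Time.getInstance(dates.getObjectAt(0));
        endDate = Time.getInstance(dates.getObjectAt(1));

        subject = X509Name.getInstance(seq.getObjectAt(seqStart + 5));

        //
        // public key info.
        //
        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq
                .getObjectAt(lastMandatory));

        // Optional trailing elements, visited from the end of the sequence
        // back towards the last mandatory field.
        for (int extras = seq.size() - lastMandatory - 1; extras > 0; extras--) {
            Object candidate = seq.getObjectAt(lastMandatory + extras);
            if (!(candidate instanceof DERTaggedObject)) {
                throw new IllegalArgumentException(
                        "TBSCertificate optional element is not a tagged object");
            }
            DERTaggedObject extra = (DERTaggedObject) candidate;

            switch (extra.getTagNo()) {
            case 1:
                issuerUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 2:
                subjectUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 3:
                extensions = X509Extensions.getInstance(extra);
                break;
            default:
                // Unknown tags are skipped, as before; strict callers should
                // reject such certificates themselves.
                break;
            }
        }
    }

    /**
     * Returns the certificate version as a human-readable number: the encoded
     * value plus one, so an encoded 0 (or an absent version) yields 1.
     * <p>
     * NOTE(review): the encoded value is narrowed with {@code intValue()}, so
     * an oversized version in a crafted certificate would presumably wrap
     * rather than fail - range-check the result before branching on it.
     *
     * @return the encoded version value plus one
     */
    public int getVersion() {
        return version.getValue().intValue() + 1;
    }

    /**
     * @return the version exactly as encoded, or a {@code DERInteger} of 0
     *         when the certificate carried no version element
     */
    public DERInteger getVersionNumber() {
        return version;
    }

    /** @return the certificate serial number */
    public DERInteger getSerialNumber() {
        return serialNumber;
    }

    /**
     * @return the signature algorithm identifier stored inside the
     *         to-be-signed body
     */
    public AlgorithmIdentifier getSignature() {
        return signature;
    }

    /** @return the issuer name */
    public X509Name getIssuer() {
        return issuer;
    }

    /** @return the first element of the validity sequence (notBefore) */
    public Time getStartDate() {
        return startDate;
    }

    /** @return the second element of the validity sequence (notAfter) */
    public Time getEndDate() {
        return endDate;
    }

    /** @return the subject name */
    public X509Name getSubject() {
        return subject;
    }

    /** @return the subject's public key information */
    public SubjectPublicKeyInfo getSubjectPublicKeyInfo() {
        return subjectPublicKeyInfo;
    }

    /** @return the issuer unique identifier, or {@code null} if absent */
    public DERBitString getIssuerUniqueId() {
        return issuerUniqueId;
    }

    /** @return the subject unique identifier, or {@code null} if absent */
    public DERBitString getSubjectUniqueId() {
        return subjectUniqueId;
    }

    /** @return the certificate extensions, or {@code null} if absent */
    public X509Extensions getExtensions() {
        return extensions;
    }

    /**
     * Returns the sequence this instance was constructed from, not a
     * re-assembly of the parsed fields.
     *
     * @return the original sequence
     */
    public DERObject toASN1Object() {
        return seq;
    }
}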