001: // CMP implementation copyright (c) 2003 NOVOSEC AG (http://www.novosec.com)
002: //
003: // Author: Maik Stohn
004: //
005: // Permission is hereby granted, free of charge, to any person obtaining a copy of this
006: // software and associated documentation files (the "Software"), to deal in the Software
007: // without restriction, including without limitation the rights to use, copy, modify, merge,
008: // publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons
009: // to whom the Software is furnished to do so, subject to the following conditions:
010: //
011: // The above copyright notice and this permission notice shall be included in all copies or
012: // substantial portions of the Software.
013: //
014: // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
015: // BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
016: // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
017: // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
018: // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
019:
020: package com.novosec.pkix.asn1.crmf;
021:
022: import org.bouncycastle.asn1.ASN1TaggedObject;
023: import org.bouncycastle.asn1.DERBitString;
024: import org.bouncycastle.asn1.DEREncodable;
025: import org.bouncycastle.asn1.DERInteger;
026: import org.bouncycastle.asn1.DERObject;
027: import org.bouncycastle.asn1.DERTaggedObject;
028:
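/**
 * ASN.1 structure DER En/DeCoder.
 *
 * <pre>
 *
 *  POPOPrivKey ::= CHOICE {
 *      thisMessage       [0] BIT STRING,         -- possession is proven in this message (which contains the private key itself (encrypted for the CA))
 *      subsequentMessage [1] SubsequentMessage,  -- possession will be proven in a subsequent message (INTEGER)
 *      dhMAC             [2] BIT STRING }        -- for keyAgreement (only), possession is proven in this message (which contains a MAC (over the DER-encoded value of the
 *                                                -- certReq parameter in CertReqMsg, which MUST include both subject and publicKey) based on a key derived from the end entity's
 *                                                -- private DH key and the CA's public DH key); the dhMAC value MUST be calculated as per the directions given in Appendix A.
 *
 *  SubsequentMessage ::= INTEGER {
 *      encrCert      (0),  -- requests that resulting certificate be encrypted for the end entity (following which, POP will be proven in a confirmation message)
 *      challengeResp (1) } -- requests that CA engage in challenge-response exchange with end entity in order to prove private key possession
 *
 * </pre>
 *
 * <p>Instances hold one alternative of the CHOICE: the context tag number and the value
 * stored under it. The {@code getInstance} factories are the decoding entry points; they
 * reject anything that is not a tagged object with tag 0, 1 or 2 by throwing
 * {@link IllegalArgumentException}, so a caller parsing a received message has a single
 * exception type to handle for a malformed POPOPrivKey.
 *
 * <p>The public constructor performs no validation. A tag/value mismatch created through it
 * only shows up later, as a {@link ClassCastException} in the matching getter.
 *
 * <p>NOTE(review): values are decoded and encoded as explicitly tagged and the
 * {@code explicit} argument of {@link #getInstance(ASN1TaggedObject, boolean)} is ignored.
 * Confirm this matches the tagging default of the ASN.1 module that defines this CHOICE.
 */
public class POPOPrivKey implements DEREncodable {
    // Value of the selected alternative; the getters cast it according to tag.
    DEREncodable obj;
    // Context tag number of the selected alternative (0, 1 or 2 in the CHOICE above).
    int tag;

    /**
     * Creates a POPOPrivKey from an already decoded value and its tag number.
     *
     * @param obj value of the selected alternative (BIT STRING for tags 0 and 2, INTEGER for tag 1)
     * @param tag context tag number of the alternative; not checked here
     */
    public POPOPrivKey(DERObject obj, int tag) {
        this.obj = obj;
        this.tag = tag;
    }

    /**
     * Returns the {@code thisMessage} alternative. Per the structure definition this BIT STRING
     * carries the private key itself, encrypted for the CA, so treat the returned value as
     * sensitive material.
     *
     * @return the BIT STRING stored under tag 0, or {@code null} if another alternative is present
     */
    public DERBitString getThisMessage() {
        if (this.tag != 0) {
            return null;
        }
        return (DERBitString) this.obj;
    }

    /**
     * Returns the {@code subsequentMessage} alternative.
     *
     * @return the INTEGER stored under tag 1, or {@code null} if another alternative is present
     */
    public DERInteger getSubsequentMessage() {
        if (this.tag != 1) {
            return null;
        }
        return (DERInteger) this.obj;
    }

    /**
     * Returns the {@code dhMAC} alternative.
     *
     * @return the BIT STRING stored under tag 2, or {@code null} if another alternative is present
     */
    public DERBitString getDhMAC() {
        if (this.tag != 2) {
            return null;
        }
        return (DERBitString) this.obj;
    }

    /**
     * Decodes a POPOPrivKey from a generic DER object.
     *
     * @param obj the decoded object, expected to be an {@link ASN1TaggedObject}
     * @return the decoded POPOPrivKey
     * @throws IllegalArgumentException if {@code obj} is {@code null}, is not a tagged object,
     *         or carries a tag other than 0, 1 or 2
     */
    public static POPOPrivKey getInstance(DERObject obj) {
        // Check the type before casting: this input comes from a decoded message, and a
        // non-tagged object must fail with the same exception type as an unknown tag
        // instead of escaping as a ClassCastException (or NullPointerException for null).
        if (!(obj instanceof ASN1TaggedObject)) {
            throw new IllegalArgumentException("unknown object in factory: "
                    + (obj == null ? "null" : obj.getClass().getName()));
        }
        return getInstance((ASN1TaggedObject) obj, true);
    }

    /**
     * Decodes a POPOPrivKey from a tagged object, selecting the alternative by tag number.
     *
     * @param tagObj   the tagged object holding the alternative's value
     * @param explicit currently unused; the wrapped object is always read via {@code getObject()}
     * @return the decoded POPOPrivKey
     * @throws IllegalArgumentException if the tag number is not 0, 1 or 2
     */
    public static POPOPrivKey getInstance(ASN1TaggedObject tagObj,
            boolean explicit) {
        int tag = tagObj.getTagNo();

        switch (tag) {
        case 0:
            return new POPOPrivKey(DERBitString.getInstance(tagObj.getObject()), 0);
        case 1:
            return new POPOPrivKey(DERInteger.getInstance(tagObj.getObject()), 1);
        case 2:
            return new POPOPrivKey(DERBitString.getInstance(tagObj.getObject()), 2);
        default:
            throw new IllegalArgumentException("unknown tag: " + tag);
        }
    }

    /**
     * Encodes this CHOICE as an explicitly tagged object carrying the stored value.
     *
     * @return a {@link DERTaggedObject} with this instance's tag number and value
     */
    public DERObject getDERObject() {
        return new DERTaggedObject(true, tag, obj);
    }

    /**
     * Returns a debug representation that embeds the string form of the stored value.
     * For the {@code thisMessage} alternative that value is the encrypted private key, so
     * avoid writing this string to logs if the value's string form renders its content.
     */
    public String toString() {
        return "POPOPrivKey: (" + obj + ")";
    }
}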