01: package org.bouncycastle.asn1.crmf;
02:
03: import org.bouncycastle.asn1.ASN1Encodable;
04: import org.bouncycastle.asn1.ASN1EncodableVector;
05: import org.bouncycastle.asn1.ASN1Sequence;
06: import org.bouncycastle.asn1.ASN1TaggedObject;
07: import org.bouncycastle.asn1.DERBitString;
08: import org.bouncycastle.asn1.DERObject;
09: import org.bouncycastle.asn1.DERSequence;
10: import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
11:
12: public class POPOSigningKey extends ASN1Encodable {
13: private POPOSigningKeyInput poposkInput;
14: private AlgorithmIdentifier algorithmIdentifier;
15: private DERBitString signature;
16:
17: private POPOSigningKey(ASN1Sequence seq) {
18: int index = 0;
19:
20: if (seq.getObjectAt(0) instanceof ASN1TaggedObject) {
21: poposkInput = POPOSigningKeyInput.getInstance(seq
22: .getObjectAt(index++));
23: }
24: algorithmIdentifier = AlgorithmIdentifier.getInstance(seq
25: .getObjectAt(index++));
26: signature = DERBitString.getInstance(seq.getObjectAt(index));
27: }
28:
29: public static POPOSigningKey getInstance(Object o) {
30: if (o instanceof POPOSigningKey) {
31: return (POPOSigningKey) o;
32: }
33:
34: if (o instanceof ASN1Sequence) {
35: return new POPOSigningKey((ASN1Sequence) o);
36: }
37:
38: throw new IllegalArgumentException("Invalid object: "
39: + o.getClass().getName());
40: }
41:
42: /**
43: * <pre>
44: * POPOSigningKey ::= SEQUENCE {
45: * poposkInput [0] POPOSigningKeyInput OPTIONAL,
46: * algorithmIdentifier AlgorithmIdentifier,
47: * signature BIT STRING }
48: * -- The signature (using "algorithmIdentifier") is on the
49: * -- DER-encoded value of poposkInput. NOTE: If the CertReqMsg
50: * -- certReq CertTemplate contains the subject and publicKey values,
51: * -- then poposkInput MUST be omitted and the signature MUST be
52: * -- computed on the DER-encoded value of CertReqMsg certReq. If
53: * -- the CertReqMsg certReq CertTemplate does not contain the public
54: * -- key and subject values, then poposkInput MUST be present and
55: * -- MUST be signed. This strategy ensures that the public key is
56: * -- not present in both the poposkInput and CertReqMsg certReq
57: * -- CertTemplate fields.
58: * </pre>
59: * @return a basic ASN.1 object representation.
60: */
61: public DERObject toASN1Object() {
62: ASN1EncodableVector v = new ASN1EncodableVector();
63:
64: if (poposkInput != null) {
65: v.add(poposkInput);
66: }
67:
68: v.add(algorithmIdentifier);
69: v.add(signature);
70:
71: return new DERSequence(v);
72: }
73: }
|