001package org.apache.commons.ssl.org.bouncycastle.asn1.x509;
002
003import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer;
004import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object;
005import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive;
006import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence;
007import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject;
008import org.apache.commons.ssl.org.bouncycastle.asn1.DERBitString;
009import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
010import org.apache.commons.ssl.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
011import org.apache.commons.ssl.org.bouncycastle.asn1.x500.X500Name;
012
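/**
 * The TBSCertificate object.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
 * will parse them, but you really shouldn't be creating new ones.
 * <p>
 * This class only decodes the structure. It does not verify any signature, does not
 * check the validity period against a clock, and does not check that the optional
 * fields it finds are consistent with the stated version. Code that makes a trust
 * decision from a parsed certificate has to perform those checks itself.
 */
public class TBSCertificateStructure
    extends ASN1Object
    implements X509ObjectIdentifiers, PKCSObjectIdentifiers
{
    // The sequence this object was decoded from; returned unchanged by toASN1Primitive().
    ASN1Sequence            seq;

    // Mandatory fields, in the order they appear in the sequence.
    ASN1Integer             version;
    ASN1Integer             serialNumber;
    AlgorithmIdentifier     signature;
    X500Name                issuer;
    Time                    startDate, endDate;
    X500Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;

    // Optional trailing fields; each stays null when the sequence does not carry it.
    DERBitString            issuerUniqueId;
    DERBitString            subjectUniqueId;
    X509Extensions          extensions;

    /**
     * Decode a TBSCertificate carried inside a tagged object.
     *
     * @param obj the tagged object holding the sequence.
     * @param explicit whether the tagging is explicit, passed through to
     *                 {@code ASN1Sequence.getInstance}.
     * @return the decoded structure.
     */
    public static TBSCertificateStructure getInstance(
        ASN1TaggedObject obj,
        boolean          explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Return {@code obj} as a TBSCertificateStructure.
     *
     * @param obj an existing TBSCertificateStructure, something
     *            {@code ASN1Sequence.getInstance} accepts, or null.
     * @return {@code obj} itself when it already is a TBSCertificateStructure, a newly
     *         decoded structure for any other non-null value, or null for null.
     */
    public static TBSCertificateStructure getInstance(
        Object  obj)
    {
        if (obj == null)
        {
            return null;
        }

        if (obj instanceof TBSCertificateStructure)
        {
            return (TBSCertificateStructure)obj;
        }

        return new TBSCertificateStructure(ASN1Sequence.getInstance(obj));
    }

    /**
     * Decode a TBSCertificate from its ASN.1 sequence.
     * <p>
     * The sequence usually comes from an encoded certificate, so its content is not
     * trusted. A sequence that is too short, or that holds an element of the wrong
     * kind where the validity or an optional field is expected, is rejected with an
     * IllegalArgumentException rather than an ArrayIndexOutOfBoundsException or a
     * ClassCastException.
     *
     * @param seq the sequence to decode.
     * @throws IllegalArgumentException if the sequence does not have the expected shape.
     */
    public TBSCertificateStructure(
        ASN1Sequence  seq)
    {
        int         seqStart = 0;

        this.seq = seq;

        //
        // some certificates don't include a version number - we assume v1
        //
        // NOTE(review): only a DERTaggedObject is recognised as the version field,
        // although the value is then handled as an ASN1TaggedObject; confirm whether
        // other tagged-object classes should be accepted here as well.
        //
        if (seq.size() > 0 && seq.getObjectAt(0) instanceof DERTaggedObject)
        {
            version = ASN1Integer.getInstance((ASN1TaggedObject)seq.getObjectAt(0), true);
        }
        else
        {
            seqStart = -1;          // field 0 is missing!
            version = new ASN1Integer(0);
        }

        //
        // the mandatory fields run up to index seqStart + 6; refuse anything shorter
        // before indexing into the sequence.
        //
        if (seq.size() <= seqStart + 6)
        {
            throw new IllegalArgumentException(
                "TBSCertificate sequence too short: " + seq.size() + " element(s)");
        }

        serialNumber = ASN1Integer.getInstance(seq.getObjectAt(seqStart + 1));

        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
        issuer = X500Name.getInstance(seq.getObjectAt(seqStart + 3));

        //
        // before and after dates
        //
        ASN1Sequence  dates = ASN1Sequence.getInstance(seq.getObjectAt(seqStart + 4));

        if (dates.size() < 2)
        {
            throw new IllegalArgumentException(
                "validity needs a start and an end date, found " + dates.size() + " element(s)");
        }

        startDate = Time.getInstance(dates.getObjectAt(0));
        endDate = Time.getInstance(dates.getObjectAt(1));

        subject = X500Name.getInstance(seq.getObjectAt(seqStart + 5));

        //
        // public key info.
        //
        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));

        //
        // optional fields, walked from the last element back to the first one after
        // the public key info.
        //
        for (int extras = seq.size() - (seqStart + 6) - 1; extras > 0; extras--)
        {
            int     index = seqStart + 6 + extras;
            Object  element = seq.getObjectAt(index);

            if (!(element instanceof DERTaggedObject))
            {
                throw new IllegalArgumentException(
                    "TBSCertificate element " + index + " is not a tagged object");
            }

            DERTaggedObject extra = (DERTaggedObject)element;

            switch (extra.getTagNo())
            {
            case 1:
                issuerUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 2:
                subjectUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 3:
                extensions = X509Extensions.getInstance(extra);
                break;
            default:
                // any other tag number is ignored, and a repeated tag is not rejected:
                // the element nearest the front of the sequence is the one kept.
                break;
            }
        }
    }

    /**
     * Return the certificate version as a number starting at 1.
     * <p>
     * The encoded value is narrowed with {@code intValue()} before one is added, so an
     * encoded version outside the int range is not reported faithfully. Use
     * {@link #getVersionNumber()} when the exact encoded value matters.
     *
     * @return the encoded version value plus one.
     */
    public int getVersion()
    {
        return version.getValue().intValue() + 1;
    }

    /**
     * @return the version as encoded, or an ASN1Integer of 0 when the sequence had no
     *         version field.
     */
    public ASN1Integer getVersionNumber()
    {
        return version;
    }

    /**
     * @return the certificate serial number.
     */
    public ASN1Integer getSerialNumber()
    {
        return serialNumber;
    }

    /**
     * @return the signature algorithm identifier held inside the TBSCertificate.
     */
    public AlgorithmIdentifier getSignature()
    {
        return signature;
    }

    /**
     * @return the issuer name.
     */
    public X500Name getIssuer()
    {
        return issuer;
    }

    /**
     * @return the first date of the validity field.
     */
    public Time getStartDate()
    {
        return startDate;
    }

    /**
     * @return the second date of the validity field.
     */
    public Time getEndDate()
    {
        return endDate;
    }

    /**
     * @return the subject name.
     */
    public X500Name getSubject()
    {
        return subject;
    }

    /**
     * @return the subject public key info.
     */
    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
    {
        return subjectPublicKeyInfo;
    }

    /**
     * @return the issuer unique identifier, or null when the sequence carried none.
     */
    public DERBitString getIssuerUniqueId()
    {
        return issuerUniqueId;
    }

    /**
     * @return the subject unique identifier, or null when the sequence carried none.
     */
    public DERBitString getSubjectUniqueId()
    {
        return subjectUniqueId;
    }

    /**
     * @return the extensions, or null when the sequence carried none.
     */
    public X509Extensions getExtensions()
    {
        return extensions;
    }

    /**
     * @return the sequence this object was constructed from; it is not rebuilt from
     *         the decoded fields.
     */
    public ASN1Primitive toASN1Primitive()
    {
        return seq;
    }
}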