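package org.apache.commons.ssl.org.bouncycastle.asn1.x509;

import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject;
import org.apache.commons.ssl.org.bouncycastle.asn1.DERBitString;
import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
import org.apache.commons.ssl.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.apache.commons.ssl.org.bouncycastle.asn1.x500.X500Name;

/**
 * The TBSCertificate object.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
 * will parse them, but you really shouldn't be creating new ones.
 * <p>
 * This class only splits an already-decoded sequence into its fields. It does
 * not verify a signature, compare the validity dates with the current time, or
 * check that the optional fields are permitted for the stated version; callers
 * that handle certificates from an untrusted peer must do that themselves.
 */
public class TBSCertificateStructure
    extends ASN1Object
    implements X509ObjectIdentifiers, PKCSObjectIdentifiers
{
    // The sequence exactly as handed to the constructor; returned unchanged by
    // toASN1Primitive().
    ASN1Sequence            seq;

    // Stored as the raw encoded value (0 for v1); getVersion() adds one.
    ASN1Integer             version;
    ASN1Integer             serialNumber;
    AlgorithmIdentifier     signature;
    X500Name                issuer;
    Time                    startDate, endDate;
    X500Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;
    // The three optional trailing fields stay null when absent from the sequence.
    DERBitString            issuerUniqueId;
    DERBitString            subjectUniqueId;
    X509Extensions          extensions;

    /**
     * Extracts the structure from a tagged object.
     *
     * @param obj      the tagged object wrapping the TBSCertificate sequence
     * @param explicit whether the tagging is explicit; passed through to
     *                 {@code ASN1Sequence.getInstance}
     * @return the parsed structure
     */
    public static TBSCertificateStructure getInstance(
        ASN1TaggedObject obj,
        boolean          explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Converts an arbitrary object into a TBSCertificateStructure.
     *
     * @param obj an existing TBSCertificateStructure (returned as is), or any
     *            object accepted by {@code ASN1Sequence.getInstance}, or null
     * @return the structure, or null when {@code obj} is null
     */
    public static TBSCertificateStructure getInstance(
        Object  obj)
    {
        if (obj instanceof TBSCertificateStructure)
        {
            return (TBSCertificateStructure)obj;
        }
        else if (obj != null)
        {
            return new TBSCertificateStructure(ASN1Sequence.getInstance(obj));
        }

        return null;
    }

    /**
     * Splits a decoded TBSCertificate sequence into its fields.
     * <p>
     * The element positions are taken on trust: there is no check on the
     * number of elements, so a truncated sequence fails inside
     * {@code getObjectAt} rather than with a descriptive error, and the plain
     * casts below raise {@code ClassCastException} when an element has an
     * unexpected type. Callers parsing peer-supplied certificates should be
     * prepared for unchecked exceptions other than
     * {@code IllegalArgumentException}.
     *
     * @param seq the decoded TBSCertificate sequence; kept by reference
     */
    public TBSCertificateStructure(
        ASN1Sequence  seq)
    {
        int         seqStart = 0;

        this.seq = seq;

        //
        // some certificates don't include a version number - we assume v1
        //
        // Test against the abstract ASN1TaggedObject rather than the concrete
        // DERTaggedObject: a tagged version field that was decoded into some
        // other tagged-object subclass would otherwise be treated as "version
        // missing" and every following field would be read one slot too early.
        //
        // NOTE(review): the tag number of element 0 is not compared with 0 here;
        // any tagged first element is read as the version.
        //
        if (seq.getObjectAt(0) instanceof ASN1TaggedObject)
        {
            version = ASN1Integer.getInstance((ASN1TaggedObject)seq.getObjectAt(0), true);
        }
        else
        {
            seqStart = -1;          // field 0 is missing!
            version = new ASN1Integer(0);
        }

        serialNumber = ASN1Integer.getInstance(seq.getObjectAt(seqStart + 1));

        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
        issuer = X500Name.getInstance(seq.getObjectAt(seqStart + 3));

        //
        // before and after dates
        //
        // Plain cast: a validity field that is not a sequence surfaces as a
        // ClassCastException, and its length is not checked before indexing.
        ASN1Sequence  dates = (ASN1Sequence)seq.getObjectAt(seqStart + 4);

        startDate = Time.getInstance(dates.getObjectAt(0));
        endDate = Time.getInstance(dates.getObjectAt(1));

        subject = X500Name.getInstance(seq.getObjectAt(seqStart + 5));

        //
        // public key info.
        //
        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));

        //
        // optional trailing fields, walked from the last element back towards
        // the public key; if a tag number repeats, the occurrence nearest the
        // front of the sequence is assigned last and is therefore the one kept.
        //
        for (int extras = seq.size() - (seqStart + 6) - 1; extras > 0; extras--)
        {
            // Cast to the abstract type for the same reason as the version
            // test above; a non-tagged element still raises ClassCastException.
            ASN1TaggedObject extra = (ASN1TaggedObject)seq.getObjectAt(seqStart + 6 + extras);

            switch (extra.getTagNo())
            {
            case 1:
                issuerUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 2:
                subjectUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 3:
                extensions = X509Extensions.getInstance(extra);
                break;
            default:
                // NOTE(review): any other tag number is silently ignored, and
                // nothing checks that unique ids / extensions are allowed for
                // the parsed version. Consider rejecting such input in callers
                // that need strict profile conformance.
                break;
            }
        }
    }

    /**
     * Returns the certificate version as a 1-based number (v1 = 1, v3 = 3).
     * <p>
     * NOTE(review): the encoded value is narrowed with {@code intValue()}, so
     * an oversized version integer is not rejected here; use
     * {@link #getVersionNumber()} when the exact encoded value matters.
     *
     * @return the encoded version value plus one
     */
    public int getVersion()
    {
        return version.getValue().intValue() + 1;
    }

    /**
     * @return the version as encoded (0 for v1), or the default of 0 when the
     *         field was absent
     */
    public ASN1Integer getVersionNumber()
    {
        return version;
    }

    /** @return the certificate serial number */
    public ASN1Integer getSerialNumber()
    {
        return serialNumber;
    }

    /** @return the signature algorithm identifier stored inside the TBS data */
    public AlgorithmIdentifier getSignature()
    {
        return signature;
    }

    /** @return the issuer name */
    public X500Name getIssuer()
    {
        return issuer;
    }

    /** @return the first element of the validity sequence (notBefore) */
    public Time getStartDate()
    {
        return startDate;
    }

    /** @return the second element of the validity sequence (notAfter) */
    public Time getEndDate()
    {
        return endDate;
    }

    /** @return the subject name */
    public X500Name getSubject()
    {
        return subject;
    }

    /** @return the subject's public key info */
    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
    {
        return subjectPublicKeyInfo;
    }

    /** @return the issuer unique id, or null if the field was absent */
    public DERBitString getIssuerUniqueId()
    {
        return issuerUniqueId;
    }

    /** @return the subject unique id, or null if the field was absent */
    public DERBitString getSubjectUniqueId()
    {
        return subjectUniqueId;
    }

    /** @return the extensions block, or null if the field was absent */
    public X509Extensions getExtensions()
    {
        return extensions;
    }

    /**
     * Returns the sequence this object was built from, not a re-assembly of
     * the parsed fields, so elements the constructor ignored are still present.
     *
     * @return the original sequence
     */
    public ASN1Primitive toASN1Primitive()
    {
        return seq;
    }
}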