001    /**
002     *  Licensed to the Apache Software Foundation (ASF) under one or more
003     *  contributor license agreements.  See the NOTICE file distributed with
004     *  this work for additional information regarding copyright ownership.
005     *  The ASF licenses this file to You under the Apache License, Version 2.0
006     *  (the "License"); you may not use this file except in compliance with
007     *  the License.  You may obtain a copy of the License at
008     *
009     *     http://www.apache.org/licenses/LICENSE-2.0
010     *
011     *  Unless required by applicable law or agreed to in writing, software
012     *  distributed under the License is distributed on an "AS IS" BASIS,
013     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     *  See the License for the specific language governing permissions and
015     *  limitations under the License.
016     */
017    
018    package org.apache.geronimo.util.asn1.x509;
019    
020    import org.apache.geronimo.util.asn1.ASN1Encodable;
021    import org.apache.geronimo.util.asn1.ASN1Sequence;
022    import org.apache.geronimo.util.asn1.ASN1TaggedObject;
023    import org.apache.geronimo.util.asn1.DERBitString;
024    import org.apache.geronimo.util.asn1.DERInteger;
025    import org.apache.geronimo.util.asn1.DERObject;
026    import org.apache.geronimo.util.asn1.DERTaggedObject;
027    import org.apache.geronimo.util.asn1.pkcs.PKCSObjectIdentifiers;
028    
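/**
 * The TBSCertificate object.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
 * will parse them, but you really shouldn't be creating new ones.
 * <p>
 * Notes for callers that parse certificates from untrusted sources:
 * <ul>
 * <li>The constructor reads the mandatory fields by position and does not check the
 *     length of the sequence first; how a short or mistyped sequence fails depends on
 *     <code>ASN1Sequence.getObjectAt</code> and the <code>getInstance</code> helpers,
 *     which are defined outside this class.</li>
 * <li>A trailing element whose context tag is not 1, 2 or 3 is rejected with an
 *     <code>IllegalArgumentException</code>.</li>
 * <li>The trailing optional fields are not checked for ordering or for duplicates;
 *     they are walked from last to first and a later assignment overwrites an
 *     earlier one.</li>
 * <li>The version value and the validity dates are stored as parsed; no range or
 *     ordering check is applied to them here.</li>
 * </ul>
 */
public class TBSCertificateStructure
    extends ASN1Encodable
    implements X509ObjectIdentifiers, PKCSObjectIdentifiers
{
    // The sequence handed to the constructor; returned unchanged by toASN1Object().
    ASN1Sequence            seq;

    // Encoded version value (0 when the field was absent), not the human version number.
    DERInteger              version;
    DERInteger              serialNumber;
    // The AlgorithmIdentifier carried inside the TBS structure itself.
    AlgorithmIdentifier     signature;
    X509Name                issuer;
    Time                    startDate, endDate;
    X509Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;
    // The three optional trailing fields stay null when the certificate omits them.
    DERBitString            issuerUniqueId;
    DERBitString            subjectUniqueId;
    X509Extensions          extensions;

    /**
     * Build a structure from a tagged object wrapping the TBSCertificate sequence.
     *
     * @param obj      the tagged object holding the sequence.
     * @param explicit passed through to <code>ASN1Sequence.getInstance</code>.
     * @return the parsed structure.
     */
    public static TBSCertificateStructure getInstance(
        ASN1TaggedObject obj,
        boolean          explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Return the argument itself when it already is a TBSCertificateStructure, or
     * parse it when it is an ASN1Sequence.
     *
     * @param obj an existing structure or the sequence to parse.
     * @return the structure.
     * @throws IllegalArgumentException if obj is neither of the two accepted types
     *         (this includes null).
     */
    public static TBSCertificateStructure getInstance(
        Object  obj)
    {
        if (obj instanceof TBSCertificateStructure)
        {
            return (TBSCertificateStructure)obj;
        }
        else if (obj instanceof ASN1Sequence)
        {
            return new TBSCertificateStructure((ASN1Sequence)obj);
        }

        throw new IllegalArgumentException("unknown object in factory");
    }

    /**
     * Parse a TBSCertificate from its ASN.1 sequence.
     * <p>
     * The mandatory fields are read by position, shifted by one when the optional
     * version field is absent. The remaining elements are treated as the tagged
     * optional fields.
     *
     * @param seq the TBSCertificate sequence; it is kept and later returned by
     *            {@link #toASN1Object()}.
     * @throws IllegalArgumentException if a trailing optional element carries a
     *         context tag other than 1, 2 or 3.
     */
    public TBSCertificateStructure(
        ASN1Sequence  seq)
    {
        int         seqStart = 0;

        this.seq = seq;

        //
        // some certificates don't include a version number - we assume v1
        //
        if (seq.getObjectAt(0) instanceof DERTaggedObject)
        {
            version = DERInteger.getInstance(seq.getObjectAt(0));
        }
        else
        {
            seqStart = -1;          // field 0 is missing, so every later index shifts down by one
            version = new DERInteger(0);
        }

        serialNumber = DERInteger.getInstance(seq.getObjectAt(seqStart + 1));

        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
        issuer = X509Name.getInstance(seq.getObjectAt(seqStart + 3));

        //
        // before and after dates; only the first two elements of the validity
        // sequence are read, and their order is not compared
        //
        ASN1Sequence  dates = (ASN1Sequence)seq.getObjectAt(seqStart + 4);

        startDate = Time.getInstance(dates.getObjectAt(0));
        endDate = Time.getInstance(dates.getObjectAt(1));

        subject = X509Name.getInstance(seq.getObjectAt(seqStart + 5));

        //
        // public key info.
        //
        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));

        //
        // everything after the public key is an optional tagged field; walk them
        // from the last element back to the first
        //
        for (int extras = seq.size() - (seqStart + 6) - 1; extras > 0; extras--)
        {
            // NOTE(review): an untagged trailing element fails on this cast rather
            // than with IllegalArgumentException.
            DERTaggedObject extra = (DERTaggedObject)seq.getObjectAt(seqStart + 6 + extras);

            switch (extra.getTagNo())
            {
            case 1:
                issuerUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 2:
                subjectUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 3:
                extensions = X509Extensions.getInstance(extra);
                break;
            default:
                // Reject rather than skip: toASN1Object() hands back the original
                // sequence, so a skipped element would still be encoded while
                // being invisible through the accessors.
                throw new IllegalArgumentException(
                    "unknown tag in TBSCertificate optional fields: " + extra.getTagNo());
            }
        }
    }

    /**
     * Return the certificate version as a 1-based number, i.e. the encoded value
     * plus one (an absent or zero version field gives 1).
     * <p>
     * The encoded value is not range-checked and is narrowed with
     * <code>intValue()</code>, so code that gates behaviour on the version should
     * not assume the result is limited to 1, 2 or 3.
     *
     * @return the encoded version value plus one.
     */
    public int getVersion()
    {
        return version.getValue().intValue() + 1;
    }

    /**
     * @return the version as encoded (0 for v1), or a zero-valued integer when the
     *         field was absent.
     */
    public DERInteger getVersionNumber()
    {
        return version;
    }

    /**
     * @return the certificate serial number.
     */
    public DERInteger getSerialNumber()
    {
        return serialNumber;
    }

    /**
     * Return the signature algorithm identifier stored inside the TBS structure.
     * <p>
     * RFC 5280 requires this to equal the signatureAlgorithm of the enclosing
     * Certificate; this class only sees the inner value, so that comparison is left
     * to the caller.
     *
     * @return the inner signature AlgorithmIdentifier.
     */
    public AlgorithmIdentifier getSignature()
    {
        return signature;
    }

    /**
     * @return the issuer name.
     */
    public X509Name getIssuer()
    {
        return issuer;
    }

    /**
     * @return the notBefore time, as parsed.
     */
    public Time getStartDate()
    {
        return startDate;
    }

    /**
     * @return the notAfter time, as parsed.
     */
    public Time getEndDate()
    {
        return endDate;
    }

    /**
     * @return the subject name.
     */
    public X509Name getSubject()
    {
        return subject;
    }

    /**
     * @return the subject public key info.
     */
    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
    {
        return subjectPublicKeyInfo;
    }

    /**
     * @return the issuer unique identifier, or null if the certificate has none.
     */
    public DERBitString getIssuerUniqueId()
    {
        return issuerUniqueId;
    }

    /**
     * @return the subject unique identifier, or null if the certificate has none.
     */
    public DERBitString getSubjectUniqueId()
    {
        return subjectUniqueId;
    }

    /**
     * @return the extensions, or null if the certificate has none.
     */
    public X509Extensions getExtensions()
    {
        return extensions;
    }

    /**
     * Return the sequence this structure was built from. The object is handed back
     * as received, not rebuilt from the parsed fields.
     *
     * @return the original TBSCertificate sequence.
     */
    public DERObject toASN1Object()
    {
        return seq;
    }
}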