001    /**
002     *  Licensed to the Apache Software Foundation (ASF) under one or more
003     *  contributor license agreements.  See the NOTICE file distributed with
004     *  this work for additional information regarding copyright ownership.
005     *  The ASF licenses this file to You under the Apache License, Version 2.0
006     *  (the "License"); you may not use this file except in compliance with
007     *  the License.  You may obtain a copy of the License at
008     *
009     *     http://www.apache.org/licenses/LICENSE-2.0
010     *
011     *  Unless required by applicable law or agreed to in writing, software
012     *  distributed under the License is distributed on an "AS IS" BASIS,
013     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     *  See the License for the specific language governing permissions and
015     *  limitations under the License.
016     */
017    
018    package org.apache.geronimo.util.asn1.x509;
019    
020    import java.io.IOException;
021    import java.util.Enumeration;
022    import java.util.Vector;
023    
024    import org.apache.geronimo.util.asn1.ASN1EncodableVector;
025    import org.apache.geronimo.util.asn1.ASN1Sequence;
026    import org.apache.geronimo.util.asn1.DERGeneralizedTime;
027    import org.apache.geronimo.util.asn1.DERInteger;
028    import org.apache.geronimo.util.asn1.DEROctetString;
029    import org.apache.geronimo.util.asn1.DERSequence;
030    import org.apache.geronimo.util.asn1.DERTaggedObject;
031    import org.apache.geronimo.util.asn1.DERUTCTime;
032    
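/**
 * Generator for Version 2 TBSCertList structures.
 * <pre>
 *  TBSCertList  ::=  SEQUENCE  {
 *       version                 Version OPTIONAL,
 *                                    -- if present, shall be v2
 *       signature               AlgorithmIdentifier,
 *       issuer                  Name,
 *       thisUpdate              Time,
 *       nextUpdate              Time OPTIONAL,
 *       revokedCertificates     SEQUENCE OF SEQUENCE  {
 *            userCertificate         CertificateSerialNumber,
 *            revocationDate          Time,
 *            crlEntryExtensions      Extensions OPTIONAL
 *                                          -- if present, shall be v2
 *                                 }  OPTIONAL,
 *       crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
 *                                          -- if present, shall be v2
 *                                 }
 * </pre>
 * <p>
 * The version is always emitted as v2 (integer value 1). The signature
 * algorithm, issuer and thisUpdate fields are mandatory and are checked by
 * {@link #generateTBSCertList()}; nextUpdate, the revokedCertificates list and
 * the CRL extensions are only written when they have been set.
 * <p>
 * RFC 5280 requires conforming CRL issuers to include nextUpdate; this
 * generator does not enforce that, so callers producing CRLs for standard
 * validators should set it.
 * <p>
 * Instances are intended for single-threaded use: the lazy creation of the
 * entry list is not synchronized.
 *
 * <b>Note: This class may be subject to change</b>
 */
public class V2TBSCertListGenerator
{
    // Fixed at v2. CRL version numbers are zero-based, so v2 encodes as 1.
    DERInteger version = new DERInteger(1);

    AlgorithmIdentifier     signature;
    X509Name                issuer;
    Time                    thisUpdate, nextUpdate=null;
    X509Extensions          extensions=null;
    // Created on first addCRLEntry call; null means "no revokedCertificates".
    // Each element is an ASN1Sequence holding one revoked-certificate entry.
    private Vector          crlentries=null;

    /**
     * Creates a generator with no fields set.
     */
    public V2TBSCertListGenerator()
    {
    }


    /**
     * Sets the algorithm identifier of the signature that will cover the CRL.
     * Mandatory.
     *
     * @param signature the signature algorithm identifier
     */
    public void setSignature(
        AlgorithmIdentifier    signature)
    {
        this.signature = signature;
    }

    /**
     * Sets the CRL issuer name. Mandatory.
     *
     * @param issuer the issuer's distinguished name
     */
    public void setIssuer(
        X509Name    issuer)
    {
        this.issuer = issuer;
    }

    /**
     * Sets thisUpdate from a UTCTime value. Mandatory.
     *
     * @param thisUpdate the time at which this CRL is issued
     */
    public void setThisUpdate(
        DERUTCTime thisUpdate)
    {
        this.thisUpdate = new Time(thisUpdate);
    }

    /**
     * Sets nextUpdate from a UTCTime value. Optional here, but see the class
     * note on RFC 5280.
     *
     * @param nextUpdate the time by which the next CRL will be issued
     */
    public void setNextUpdate(
        DERUTCTime nextUpdate)
    {
        this.nextUpdate = new Time(nextUpdate);
    }

    /**
     * Sets thisUpdate. Mandatory.
     *
     * @param thisUpdate the time at which this CRL is issued
     */
    public void setThisUpdate(
        Time thisUpdate)
    {
        this.thisUpdate = thisUpdate;
    }

    /**
     * Sets nextUpdate. Optional here, but see the class note on RFC 5280.
     *
     * @param nextUpdate the time by which the next CRL will be issued
     */
    public void setNextUpdate(
        Time nextUpdate)
    {
        this.nextUpdate = nextUpdate;
    }

    /**
     * Adds a pre-built CRL entry.
     * <p>
     * The sequence is stored as given and written out unchanged by
     * {@link #generateTBSCertList()}, so it must already have the structure of
     * one revokedCertificates element (userCertificate, revocationDate,
     * optional crlEntryExtensions). No structural validation is performed here.
     *
     * @param crlEntry the entry to add
     * @throws IllegalArgumentException if {@code crlEntry} is null; a null
     *         element would otherwise only fail later, during encoding
     */
    public void addCRLEntry(
        ASN1Sequence crlEntry)
    {
        if (crlEntry == null)
        {
            throw new IllegalArgumentException("crlEntry must not be null");
        }
        if (crlentries == null)
        {
            crlentries = new Vector();
        }
        crlentries.addElement(crlEntry);
    }

    /**
     * Adds an entry for a revoked certificate with a UTCTime revocation date
     * and no invalidityDate.
     *
     * @param userCertificate serial number of the revoked certificate
     * @param revocationDate  the revocation time
     * @param reason          CRLReason value; 0 (unspecified) omits the
     *                        reasonCode extension
     */
    public void addCRLEntry(DERInteger userCertificate, DERUTCTime revocationDate, int reason)
    {
        addCRLEntry(userCertificate, new Time(revocationDate), reason);
    }

    /**
     * Adds an entry for a revoked certificate with no invalidityDate.
     *
     * @param userCertificate serial number of the revoked certificate
     * @param revocationDate  the revocation time
     * @param reason          CRLReason value; 0 (unspecified) omits the
     *                        reasonCode extension
     */
    public void addCRLEntry(DERInteger userCertificate, Time revocationDate, int reason)
    {
        addCRLEntry(userCertificate, revocationDate, reason, null);
    }

    /**
     * Adds an entry for a revoked certificate, with optional entry extensions.
     * <p>
     * A reasonCode extension is added only when {@code reason} is non-zero
     * (0 is "unspecified", for which the extension is left out), and an
     * invalidityDate extension only when {@code invalidityDate} is non-null.
     * Both extensions are marked non-critical. The reason value is handed to
     * {@link CRLReason} as-is; it is not range-checked here.
     *
     * @param userCertificate serial number of the revoked certificate
     * @param revocationDate  the revocation time
     * @param reason          CRLReason value, or 0 for no reasonCode extension
     * @param invalidityDate  time the certificate is believed to have become
     *                        invalid, or null for no invalidityDate extension
     * @throws IllegalArgumentException if either extension value cannot be
     *         DER-encoded
     */
    public void addCRLEntry(DERInteger userCertificate, Time revocationDate, int reason, DERGeneralizedTime invalidityDate)
    {
        ASN1EncodableVector v = new ASN1EncodableVector();

        v.add(userCertificate);
        v.add(revocationDate);

        // Parallel lists consumed by X509Extensions: OID i pairs with value i.
        Vector extOids = new Vector();
        Vector extValues = new Vector();

        if (reason != 0)
        {
            CRLReason crlReason = new CRLReason(reason);

            try
            {
                extOids.addElement(X509Extensions.ReasonCode);
                extValues.addElement(new X509Extension(false, new DEROctetString(crlReason.getEncoded())));
            }
            catch (IOException e)
            {
                throw new IllegalArgumentException("error encoding reason: " + e.getMessage(), e);
            }
        }

        if (invalidityDate != null)
        {
            try
            {
                extOids.addElement(X509Extensions.InvalidityDate);
                extValues.addElement(new X509Extension(false, new DEROctetString(invalidityDate.getEncoded())));
            }
            catch (IOException e)
            {
                throw new IllegalArgumentException("error encoding invalidityDate: " + e.getMessage(), e);
            }
        }

        // crlEntryExtensions is OPTIONAL: omit it rather than emit an empty set.
        if (extOids.size() != 0)
        {
            X509Extensions ex = new X509Extensions(extOids, extValues);
            v.add(ex);
        }

        if (crlentries == null)
        {
            crlentries = new Vector();
        }

        crlentries.addElement(new DERSequence(v));
    }

    /**
     * Sets the CRL-level extensions (crlExtensions, tagged [0]). Optional.
     *
     * @param extensions the CRL extensions
     */
    public void setExtensions(
        X509Extensions    extensions)
    {
        this.extensions = extensions;
    }

    /**
     * Builds the TBSCertList from the fields set so far.
     * <p>
     * The generator's state is not reset by this call; invoking it again
     * produces a structure from the same fields plus any entries added in the
     * meantime.
     *
     * @return the assembled TBSCertList
     * @throws IllegalStateException if signature, issuer or thisUpdate has not
     *         been set
     */
    public TBSCertList generateTBSCertList()
    {
        if ((signature == null) || (issuer == null) || (thisUpdate == null))
        {
            throw new IllegalStateException("Not all mandatory fields set in V2 TBSCertList generator.");
        }

        ASN1EncodableVector  v = new ASN1EncodableVector();

        v.add(version);
        v.add(signature);
        v.add(issuer);

        v.add(thisUpdate);
        if (nextUpdate != null)
        {
            v.add(nextUpdate);
        }

        // revokedCertificates is OPTIONAL: when no entry was ever added the
        // SEQUENCE is omitted entirely rather than emitted empty.
        if (crlentries != null)
        {
            ASN1EncodableVector certs = new ASN1EncodableVector();
            for (Enumeration it = crlentries.elements(); it.hasMoreElements();)
            {
                certs.add((ASN1Sequence)it.nextElement());
            }
            v.add(new DERSequence(certs));
        }

        if (extensions != null)
        {
            v.add(new DERTaggedObject(0, extensions));
        }

        return new TBSCertList(new DERSequence(v));
    }
}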