TBSCertList


1   /**
2    *  Licensed to the Apache Software Foundation (ASF) under one or more
3    *  contributor license agreements.  See the NOTICE file distributed with
4    *  this work for additional information regarding copyright ownership.
5    *  The ASF licenses this file to You under the Apache License, Version 2.0
6    *  (the "License"); you may not use this file except in compliance with
7    *  the License.  You may obtain a copy of the License at
8    *
9    *     http://www.apache.org/licenses/LICENSE-2.0
10   *
11   *  Unless required by applicable law or agreed to in writing, software
12   *  distributed under the License is distributed on an "AS IS" BASIS,
13   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   *  See the License for the specific language governing permissions and
15   *  limitations under the License.
16   */
17  
18  package org.apache.geronimo.util.asn1.x509;
19  
20  import org.apache.geronimo.util.asn1.ASN1Encodable;
21  import org.apache.geronimo.util.asn1.ASN1Sequence;
22  import org.apache.geronimo.util.asn1.ASN1TaggedObject;
23  import org.apache.geronimo.util.asn1.DERGeneralizedTime;
24  import org.apache.geronimo.util.asn1.DERInteger;
25  import org.apache.geronimo.util.asn1.DERObject;
26  import org.apache.geronimo.util.asn1.DERTaggedObject;
27  import org.apache.geronimo.util.asn1.DERUTCTime;
28  
29  /**
30   * PKIX RFC-2459 - TBSCertList object.
31   * <pre>
32   * TBSCertList  ::=  SEQUENCE  {
33   *      version                 Version OPTIONAL,
34   *                                   -- if present, shall be v2
35   *      signature               AlgorithmIdentifier,
36   *      issuer                  Name,
37   *      thisUpdate              Time,
38   *      nextUpdate              Time OPTIONAL,
39   *      revokedCertificates     SEQUENCE OF SEQUENCE  {
40   *           userCertificate         CertificateSerialNumber,
41   *           revocationDate          Time,
42   *           crlEntryExtensions      Extensions OPTIONAL
43   *                                         -- if present, shall be v2
44   *                                }  OPTIONAL,
45   *      crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
46   *                                         -- if present, shall be v2
47   *                                }
48   * </pre>
49   */
50  public class TBSCertList
51      extends ASN1Encodable
52  {
53      public class CRLEntry
54          extends ASN1Encodable
55      {
56          ASN1Sequence  seq;
57  
58          DERInteger          userCertificate;
59          Time                revocationDate;
60          X509Extensions      crlEntryExtensions;
61  
62          public CRLEntry(
63              ASN1Sequence  seq)
64          {
65              this.seq = seq;
66  
67              userCertificate = (DERInteger)seq.getObjectAt(0);
68              revocationDate = Time.getInstance(seq.getObjectAt(1));
69              if (seq.size() == 3)
70              {
71                  crlEntryExtensions = X509Extensions.getInstance(seq.getObjectAt(2));
72              }
73          }
74  
75          public DERInteger getUserCertificate()
76          {
77              return userCertificate;
78          }
79  
80          public Time getRevocationDate()
81          {
82              return revocationDate;
83          }
84  
85          public X509Extensions getExtensions()
86          {
87              return crlEntryExtensions;
88          }
89  
90          public DERObject toASN1Object()
91          {
92              return seq;
93          }
94      }
95  
96      ASN1Sequence     seq;
97  
98      DERInteger              version;
99      AlgorithmIdentifier     signature;
100     X509Name                issuer;
101     Time                    thisUpdate;
102     Time                    nextUpdate;
103     CRLEntry[]              revokedCertificates;
104     X509Extensions          crlExtensions;
105 
106     public static TBSCertList getInstance(
107         ASN1TaggedObject obj,
108         boolean          explicit)
109     {
110         return getInstance(ASN1Sequence.getInstance(obj, explicit));
111     }
112 
113     public static TBSCertList getInstance(
114         Object    obj)
115     {
116         if (obj instanceof TBSCertList)
117         {
118             return (TBSCertList)obj;
119         }
120         else if (obj instanceof ASN1Sequence)
121         {
122             return new TBSCertList((ASN1Sequence)obj);
123         }
124 
125         throw new IllegalArgumentException  ("unknown object in factory");
126     }
127 
128     public TBSCertList(
129         ASN1Sequence  seq)
130     {
131         int seqPos = 0;
132 
133         this.seq = seq;
134 
135         if (seq.getObjectAt(seqPos) instanceof DERInteger)
136         {
137             version = (DERInteger)seq.getObjectAt(seqPos++);
138         }
139         else
140         {
141             version = new DERInteger(0);
142         }
143 
144         signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqPos++));
145         issuer = X509Name.getInstance(seq.getObjectAt(seqPos++));
146         thisUpdate = Time.getInstance(seq.getObjectAt(seqPos++));
147 
148         if (seqPos < seq.size()
149             && (seq.getObjectAt(seqPos) instanceof DERUTCTime
150                || seq.getObjectAt(seqPos) instanceof DERGeneralizedTime
151                || seq.getObjectAt(seqPos) instanceof Time))
152         {
153             nextUpdate = Time.getInstance(seq.getObjectAt(seqPos++));
154         }
155 
156         if (seqPos < seq.size()
157             && !(seq.getObjectAt(seqPos) instanceof DERTaggedObject))
158         {
159             ASN1Sequence certs = (ASN1Sequence)seq.getObjectAt(seqPos++);
160             revokedCertificates = new CRLEntry[certs.size()];
161 
162             for ( int i = 0; i < revokedCertificates.length; i++)
163             {
164                 revokedCertificates[i] = new CRLEntry((ASN1Sequence)certs.getObjectAt(i));
165             }
166         }
167 
168         if (seqPos < seq.size()
169             && seq.getObjectAt(seqPos) instanceof DERTaggedObject)
170         {
171             crlExtensions = X509Extensions.getInstance(seq.getObjectAt(seqPos++));
172         }
173     }
174 
175     public int getVersion()
176     {
177         return version.getValue().intValue() + 1;
178     }
179 
180     public DERInteger getVersionNumber()
181     {
182         return version;
183     }
184 
185     public AlgorithmIdentifier getSignature()
186     {
187         return signature;
188     }
189 
190     public X509Name getIssuer()
191     {
192         return issuer;
193     }
194 
195     public Time getThisUpdate()
196     {
197         return thisUpdate;
198     }
199 
200     public Time getNextUpdate()
201     {
202         return nextUpdate;
203     }
204 
205     public CRLEntry[] getRevokedCertificates()
206     {
207         return revokedCertificates;
208     }
209 
210     public X509Extensions getExtensions()
211     {
212         return crlExtensions;
213     }
214 
215     public DERObject toASN1Object()
216     {
217         return seq;
218     }
219 }
220
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags