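package org.apache.commons.ssl.org.bouncycastle.asn1.x509;

import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject;
import org.apache.commons.ssl.org.bouncycastle.asn1.DERBitString;
import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
import org.apache.commons.ssl.org.bouncycastle.asn1.x500.X500Name;

/**
 * The TBSCertificate object.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
 * will parse them, but you really shouldn't be creating new ones.
 * <p>
 * This class only decodes the structure. It does not check that the optional
 * fields present are permitted for the encoded version, it silently ignores
 * context tags other than 1, 2 and 3, and it does not detect a tag that occurs
 * more than once. Code that handles certificates from untrusted sources must
 * apply that validation itself and must not treat a successful parse as proof
 * of a well-formed certificate.
 */
public class TBSCertificate
    extends ASN1Object
{
    // The sequence this object was decoded from; returned unchanged by toASN1Primitive().
    ASN1Sequence            seq;

    ASN1Integer             version;
    ASN1Integer             serialNumber;
    AlgorithmIdentifier     signature;
    X500Name                issuer;
    Time                    startDate, endDate;
    X500Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;
    DERBitString            issuerUniqueId;
    DERBitString            subjectUniqueId;
    Extensions              extensions;

    /**
     * Decodes a TBSCertificate carried inside a tagged object.
     *
     * @param obj      the tagged object wrapping the sequence
     * @param explicit whether the tagging is explicit, passed through to
     *                 {@code ASN1Sequence.getInstance}
     * @return the decoded TBSCertificate
     */
    public static TBSCertificate getInstance(
        ASN1TaggedObject obj,
        boolean          explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Returns a TBSCertificate view of {@code obj}.
     *
     * @param obj an existing TBSCertificate, something
     *            {@code ASN1Sequence.getInstance} can convert, or {@code null}
     * @return {@code obj} itself when it already is a TBSCertificate, a newly
     *         decoded instance for any other non-null value, or {@code null}
     *         when {@code obj} is {@code null}
     */
    public static TBSCertificate getInstance(
        Object  obj)
    {
        if (obj instanceof TBSCertificate)
        {
            return (TBSCertificate)obj;
        }
        else if (obj != null)
        {
            return new TBSCertificate(ASN1Sequence.getInstance(obj));
        }

        return null;
    }

    /**
     * Decodes the fields of a TBSCertificate from {@code seq}.
     * <p>
     * The sequence is not validated up front: the casts below throw
     * {@link ClassCastException} when an element has an unexpected type, and
     * a sequence with too few elements fails in whatever way
     * {@code ASN1Sequence.getObjectAt} reports an out-of-range index.
     *
     * @param seq the encoded TBSCertificate sequence
     */
    private TBSCertificate(
        ASN1Sequence seq)
    {
        int         seqStart = 0;

        this.seq = seq;

        //
        // some certificates don't include a version number - we assume v1
        //
        // Test against the ASN1TaggedObject base type rather than the DER
        // subclass: a version field held in any other tagged-object subclass
        // would otherwise be mistaken for the serial number and shift every
        // following field by one.
        if (seq.getObjectAt(0) instanceof ASN1TaggedObject)
        {
            version = ASN1Integer.getInstance((ASN1TaggedObject)seq.getObjectAt(0), true);
        }
        else
        {
            seqStart = -1;          // field 0 is missing!
            version = new ASN1Integer(0);
        }

        serialNumber = ASN1Integer.getInstance(seq.getObjectAt(seqStart + 1));

        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
        issuer = X500Name.getInstance(seq.getObjectAt(seqStart + 3));

        //
        // before and after dates
        //
        ASN1Sequence  dates = (ASN1Sequence)seq.getObjectAt(seqStart + 4);

        startDate = Time.getInstance(dates.getObjectAt(0));
        endDate = Time.getInstance(dates.getObjectAt(1));

        subject = X500Name.getInstance(seq.getObjectAt(seqStart + 5));

        //
        // public key info.
        //
        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));

        // Optional trailing fields, walked from the last element backwards.
        // If a tag is repeated, the occurrence nearest the front is assigned
        // last and therefore wins.
        for (int extras = seq.size() - (seqStart + 6) - 1; extras > 0; extras--)
        {
            // Same reasoning as for the version field: accept any tagged object.
            ASN1TaggedObject extra = (ASN1TaggedObject)seq.getObjectAt(seqStart + 6 + extras);

            switch (extra.getTagNo())
            {
            case 1:
                issuerUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 2:
                subjectUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 3:
                extensions = Extensions.getInstance(ASN1Sequence.getInstance(extra, true));
                break;
            default:
                // NOTE(review): unknown tags are ignored, as before. A caller that
                // needs strict parsing has to reject such input itself.
                break;
            }
        }
    }

    /**
     * Returns the certificate version as a 1-based number.
     *
     * @return the encoded version value plus one, so an encoded 0 yields 1
     */
    public int getVersionNumber()
    {
        return version.getValue().intValue() + 1;
    }

    /**
     * @return the encoded version; an integer 0 is substituted when the
     *         sequence carried no version field
     */
    public ASN1Integer getVersion()
    {
        return version;
    }

    /**
     * @return the certificate serial number
     */
    public ASN1Integer getSerialNumber()
    {
        return serialNumber;
    }

    /**
     * @return the signature algorithm identifier stored inside the TBS structure
     */
    public AlgorithmIdentifier getSignature()
    {
        return signature;
    }

    /**
     * @return the issuer name
     */
    public X500Name getIssuer()
    {
        return issuer;
    }

    /**
     * @return the first element of the validity sequence
     */
    public Time getStartDate()
    {
        return startDate;
    }

    /**
     * @return the second element of the validity sequence
     */
    public Time getEndDate()
    {
        return endDate;
    }

    /**
     * @return the subject name
     */
    public X500Name getSubject()
    {
        return subject;
    }

    /**
     * @return the subject public key info
     */
    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
    {
        return subjectPublicKeyInfo;
    }

    /**
     * @return the issuer unique identifier, or {@code null} when tag 1 was absent
     */
    public DERBitString getIssuerUniqueId()
    {
        return issuerUniqueId;
    }

    /**
     * @return the subject unique identifier, or {@code null} when tag 2 was absent
     */
    public DERBitString getSubjectUniqueId()
    {
        return subjectUniqueId;
    }

    /**
     * @return the extensions, or {@code null} when tag 3 was absent
     */
    public Extensions getExtensions()
    {
        return extensions;
    }

    /**
     * Returns the sequence this object was built from, not a re-encoding of
     * the parsed fields, so the bytes covered by the certificate signature
     * are not altered by a decode/encode round trip through this class.
     *
     * @return the original sequence
     */
    public ASN1Primitive toASN1Primitive()
    {
        return seq;
    }
}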