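package org.apache.commons.ssl.org.bouncycastle.asn1.x509;

import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1EncodableVector;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer;
import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1UTCTime;
import org.apache.commons.ssl.org.bouncycastle.asn1.DERBitString;
import org.apache.commons.ssl.org.bouncycastle.asn1.DERSequence;
import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
import org.apache.commons.ssl.org.bouncycastle.asn1.x500.X500Name;

/**
 * Generator for Version 3 TBSCertificateStructures.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * This class only assembles the to-be-signed structure; nothing in it computes
 * or attaches a signature. The only validation it performs is the presence
 * check in {@link #generateTBSCertificate()}: it does not check that the start
 * date precedes the end date, that the serial number is positive or unique, or
 * that the {@code signature} algorithm identifier matches the algorithm the
 * caller will actually sign with. Those checks belong to the issuing code.
 * <p>
 * Instances hold mutable state, perform no synchronization, and are not reset
 * after a certificate is generated. A generator that is reused keeps every
 * value from the previous certificate until the corresponding setter is called
 * again.
 */
public class V3TBSCertificateGenerator
{
    // Version value 2 encodes v3 (the ASN.1 above numbers v1 as 0); context tag 0.
    DERTaggedObject         version = new DERTaggedObject(true, 0, new ASN1Integer(2));

    ASN1Integer             serialNumber;
    AlgorithmIdentifier     signature;
    X500Name                issuer;
    Time                    startDate, endDate;
    X500Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;
    Extensions              extensions;

    // True only while the currently configured extensions carry a critical
    // subjectAlternativeName; this is what permits an absent subject.
    private boolean altNamePresentAndCritical;
    private DERBitString issuerUniqueID;
    private DERBitString subjectUniqueID;

    public V3TBSCertificateGenerator()
    {
    }

    /**
     * Sets the certificate serial number (mandatory).
     *
     * @param serialNumber the serial number; stored as given, not validated here.
     */
    public void setSerialNumber(
        ASN1Integer serialNumber)
    {
        this.serialNumber = serialNumber;
    }

    /**
     * Sets the signature algorithm identifier placed inside the TBS structure
     * (mandatory).
     *
     * @param signature the algorithm identifier; stored as given.
     */
    public void setSignature(
        AlgorithmIdentifier signature)
    {
        this.signature = signature;
    }

    /**
     * Sets the issuer name (mandatory) from a legacy {@code X509Name}.
     *
     * @param issuer the issuer, converted with {@code X500Name.getInstance}.
     * @deprecated use X500Name method
     */
    public void setIssuer(
        X509Name issuer)
    {
        this.issuer = X500Name.getInstance(issuer);
    }

    /**
     * Sets the issuer name (mandatory).
     *
     * @param issuer the issuer distinguished name.
     */
    public void setIssuer(
        X500Name issuer)
    {
        this.issuer = issuer;
    }

    /**
     * Sets the start of the validity period (mandatory) from a UTCTime value.
     *
     * @param startDate the notBefore value, wrapped in a {@code Time}.
     */
    public void setStartDate(
        ASN1UTCTime startDate)
    {
        this.startDate = new Time(startDate);
    }

    /**
     * Sets the start of the validity period (mandatory).
     *
     * @param startDate the notBefore value; not compared against the end date.
     */
    public void setStartDate(
        Time startDate)
    {
        this.startDate = startDate;
    }

    /**
     * Sets the end of the validity period (mandatory) from a UTCTime value.
     *
     * @param endDate the notAfter value, wrapped in a {@code Time}.
     */
    public void setEndDate(
        ASN1UTCTime endDate)
    {
        this.endDate = new Time(endDate);
    }

    /**
     * Sets the end of the validity period (mandatory).
     *
     * @param endDate the notAfter value; not compared against the start date.
     */
    public void setEndDate(
        Time endDate)
    {
        this.endDate = endDate;
    }

    /**
     * Sets the subject name from a legacy {@code X509Name}.
     *
     * @param subject the subject; must not be null because it is dereferenced
     *                for conversion.
     * @throws NullPointerException if {@code subject} is null.
     * @deprecated use X500Name method
     */
    public void setSubject(
        X509Name subject)
    {
        this.subject = X500Name.getInstance(subject.toASN1Primitive());
    }

    /**
     * Sets the subject name. It may be left null only when the configured
     * extensions contain a critical subjectAlternativeName; see
     * {@link #generateTBSCertificate()}.
     *
     * @param subject the subject distinguished name, or null.
     */
    public void setSubject(
        X500Name subject)
    {
        this.subject = subject;
    }

    /**
     * Sets the optional issuerUniqueID field.
     *
     * @param uniqueID the identifier, or null to omit the field.
     */
    public void setIssuerUniqueID(
        DERBitString uniqueID)
    {
        this.issuerUniqueID = uniqueID;
    }

    /**
     * Sets the optional subjectUniqueID field.
     *
     * @param uniqueID the identifier, or null to omit the field.
     */
    public void setSubjectUniqueID(
        DERBitString uniqueID)
    {
        this.subjectUniqueID = uniqueID;
    }

    /**
     * Sets the subject public key info (mandatory).
     *
     * @param pubKeyInfo the encoded public key and its algorithm.
     */
    public void setSubjectPublicKeyInfo(
        SubjectPublicKeyInfo pubKeyInfo)
    {
        this.subjectPublicKeyInfo = pubKeyInfo;
    }

    /**
     * Sets the extensions from a legacy {@code X509Extensions} by converting
     * it and delegating to {@link #setExtensions(Extensions)}.
     *
     * @deprecated use method taking Extensions
     * @param extensions the extensions to convert and store.
     */
    public void setExtensions(
        X509Extensions extensions)
    {
        setExtensions(Extensions.getInstance(extensions));
    }

    /**
     * Sets the optional extensions and records whether they include a
     * critical subjectAlternativeName.
     * <p>
     * The flag is recomputed on every call. If it were only ever set, a
     * generator that once saw a critical subjectAlternativeName would keep
     * accepting a missing subject after the extensions were replaced or
     * cleared, and could emit a certificate with an empty subject and no
     * critical alternative name (not permitted by RFC 5280, section 4.1.2.6).
     *
     * @param extensions the extensions, or null to omit the field.
     */
    public void setExtensions(
        Extensions extensions)
    {
        this.extensions = extensions;

        boolean criticalAltName = false;

        if (extensions != null)
        {
            Extension altName = extensions.getExtension(Extension.subjectAlternativeName);

            criticalAltName = (altName != null && altName.isCritical());
        }

        this.altNamePresentAndCritical = criticalAltName;
    }

    /**
     * Assembles the configured fields into a {@code TBSCertificate}.
     * <p>
     * Serial number, signature algorithm, issuer, both validity dates and the
     * subject public key info must be set. The subject must be set unless the
     * current extensions carry a critical subjectAlternativeName, in which
     * case an empty sequence is encoded in its place. No other consistency
     * checks are made, and no field is cleared afterwards.
     *
     * @return the to-be-signed certificate structure.
     * @throws IllegalStateException if a mandatory field is missing.
     */
    public TBSCertificate generateTBSCertificate()
    {
        if ((serialNumber == null) || (signature == null)
            || (issuer == null) || (startDate == null) || (endDate == null)
            || (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
        {
            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
        }

        ASN1EncodableVector v = new ASN1EncodableVector();

        v.add(version);
        v.add(serialNumber);
        v.add(signature);
        v.add(issuer);

        //
        // before and after dates
        //
        ASN1EncodableVector validity = new ASN1EncodableVector();

        validity.add(startDate);
        validity.add(endDate);

        v.add(new DERSequence(validity));

        if (subject != null)
        {
            v.add(subject);
        }
        else
        {
            // Empty Name; reachable only when a critical subjectAlternativeName is present.
            v.add(new DERSequence());
        }

        v.add(subjectPublicKeyInfo);

        // The unique identifiers are tagged with explicit=false, matching
        // IMPLICIT in the ASN.1 definition; extensions use an explicit tag.
        if (issuerUniqueID != null)
        {
            v.add(new DERTaggedObject(false, 1, issuerUniqueID));
        }

        if (subjectUniqueID != null)
        {
            v.add(new DERTaggedObject(false, 2, subjectUniqueID));
        }

        if (extensions != null)
        {
            v.add(new DERTaggedObject(true, 3, extensions));
        }

        return TBSCertificate.getInstance(new DERSequence(v));
    }
}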