001package org.apache.commons.ssl.org.bouncycastle.asn1.x509;
002
003import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1EncodableVector;
004import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer;
005import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1UTCTime;
006import org.apache.commons.ssl.org.bouncycastle.asn1.DERBitString;
007import org.apache.commons.ssl.org.bouncycastle.asn1.DERSequence;
008import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
009import org.apache.commons.ssl.org.bouncycastle.asn1.x500.X500Name;
010
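/**
 * Generator for Version 3 TBSCertificateStructures.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * The generator is a plain mutable holder: each setter stores its argument as
 * given and {@link #generateTBSCertificate()} assembles the stored values into
 * the to-be-signed structure. Only the presence of the mandatory fields is
 * checked. This class does not verify that the start date precedes the end
 * date, that the serial number is positive or unique, or that the signature
 * algorithm is acceptable; callers issuing certificates must enforce those
 * policies themselves.
 * <p>
 * No synchronization is performed, so an instance should not be shared between
 * threads without external locking.
 */
public class V3TBSCertificateGenerator
{
    // Explicitly tagged [0] INTEGER 2, i.e. the X.509 "v3" version value.
    DERTaggedObject         version = new DERTaggedObject(true, 0, new ASN1Integer(2));

    ASN1Integer              serialNumber;
    AlgorithmIdentifier     signature;
    X500Name                issuer;
    Time                    startDate, endDate;
    X500Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;
    Extensions              extensions;

    // True only while the currently stored extensions carry a critical
    // subjectAlternativeName; this is what permits an empty subject.
    private boolean altNamePresentAndCritical;
    private DERBitString issuerUniqueID;
    private DERBitString subjectUniqueID;

    public V3TBSCertificateGenerator()
    {
    }

    /**
     * Set the certificate serial number (mandatory).
     *
     * @param serialNumber the serial number, stored without range or uniqueness checks
     */
    public void setSerialNumber(
        ASN1Integer  serialNumber)
    {
        this.serialNumber = serialNumber;
    }

    /**
     * Set the signature algorithm identifier placed inside the TBS structure (mandatory).
     *
     * @param signature the algorithm identifier, stored as given
     */
    public void setSignature(
        AlgorithmIdentifier    signature)
    {
        this.signature = signature;
    }

    /**
     * Set the issuer from a legacy X509Name, converting it to an X500Name.
     *
     * @param issuer the issuer name
     * @deprecated use X500Name method
     */
    public void setIssuer(
        X509Name    issuer)
    {
        this.issuer = X500Name.getInstance(issuer);
    }

    /**
     * Set the issuer name (mandatory).
     *
     * @param issuer the issuer name
     */
    public void setIssuer(
        X500Name issuer)
    {
        this.issuer = issuer;
    }

    /**
     * Set the start of the validity period from a UTCTime, wrapping it in a Time.
     *
     * @param startDate the notBefore value
     */
    public void setStartDate(
        ASN1UTCTime startDate)
    {
        this.startDate = new Time(startDate);
    }

    /**
     * Set the start of the validity period (mandatory).
     *
     * @param startDate the notBefore value; not compared against the end date
     */
    public void setStartDate(
        Time startDate)
    {
        this.startDate = startDate;
    }

    /**
     * Set the end of the validity period from a UTCTime, wrapping it in a Time.
     *
     * @param endDate the notAfter value
     */
    public void setEndDate(
        ASN1UTCTime endDate)
    {
        this.endDate = new Time(endDate);
    }

    /**
     * Set the end of the validity period (mandatory).
     *
     * @param endDate the notAfter value; not compared against the start date
     */
    public void setEndDate(
        Time endDate)
    {
        this.endDate = endDate;
    }

    /**
     * Set the subject from a legacy X509Name, converting it to an X500Name.
     *
     * @param subject the subject name; must not be null because it is dereferenced here
     * @deprecated use X500Name method
     */
    public void setSubject(
        X509Name    subject)
    {
        this.subject = X500Name.getInstance(subject.toASN1Primitive());
    }

    /**
     * Set the subject name.
     *
     * @param subject the subject name, or null to request an empty subject, which
     *                is only accepted when a critical subjectAlternativeName
     *                extension is set
     */
    public void setSubject(
        X500Name subject)
    {
        this.subject = subject;
    }

    /**
     * Set the optional issuer unique identifier.
     *
     * @param uniqueID the identifier bits, or null to omit the field
     */
    public void setIssuerUniqueID(
        DERBitString uniqueID)
    {
        this.issuerUniqueID = uniqueID;
    }

    /**
     * Set the optional subject unique identifier.
     *
     * @param uniqueID the identifier bits, or null to omit the field
     */
    public void setSubjectUniqueID(
        DERBitString uniqueID)
    {
        this.subjectUniqueID = uniqueID;
    }

    /**
     * Set the subject public key info (mandatory).
     *
     * @param pubKeyInfo the public key structure, stored as given
     */
    public void setSubjectPublicKeyInfo(
        SubjectPublicKeyInfo    pubKeyInfo)
    {
        this.subjectPublicKeyInfo = pubKeyInfo;
    }

    /**
     * Set the extensions from a legacy X509Extensions object.
     *
     * @param extensions the extensions to convert and store
     * @deprecated use method taking Extensions
     */
    public void setExtensions(
        X509Extensions    extensions)
    {
        setExtensions(Extensions.getInstance(extensions));
    }

    /**
     * Set the certificate extensions and record whether they contain a critical
     * subjectAlternativeName.
     * <p>
     * The critical-SAN flag is recomputed on every call. Previously it was only
     * ever switched on, so reusing a generator, or replacing the extensions with
     * a set lacking a critical subjectAlternativeName, left the flag stale and
     * let {@link #generateTBSCertificate()} emit an empty subject with nothing
     * identifying the holder (RFC 5280 section 4.1.2.6 requires a critical
     * subjectAltName whenever the subject is empty).
     *
     * @param extensions the extensions to include, or null for none
     */
    public void setExtensions(
        Extensions    extensions)
    {
        this.extensions = extensions;

        boolean criticalAltName = false;

        if (extensions != null)
        {
            Extension altName = extensions.getExtension(Extension.subjectAlternativeName);

            criticalAltName = (altName != null && altName.isCritical());
        }

        altNamePresentAndCritical = criticalAltName;
    }

    /**
     * Assemble the stored fields into a TBSCertificate.
     * <p>
     * Serial number, signature algorithm, issuer, both validity dates and the
     * subject public key info must all have been set. The subject may be left
     * unset only when the current extensions carry a critical
     * subjectAlternativeName; in that case an empty SEQUENCE is encoded as the
     * subject. Unique identifiers and extensions are added only when present.
     *
     * @return the to-be-signed certificate structure
     * @throws IllegalStateException if a mandatory field has not been set
     */
    public TBSCertificate generateTBSCertificate()
    {
        if ((serialNumber == null) || (signature == null)
            || (issuer == null) || (startDate == null) || (endDate == null)
            || (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
        {
            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
        }

        ASN1EncodableVector  v = new ASN1EncodableVector();

        v.add(version);
        v.add(serialNumber);
        v.add(signature);
        v.add(issuer);

        //
        // before and after dates
        //
        ASN1EncodableVector  validity = new ASN1EncodableVector();

        validity.add(startDate);
        validity.add(endDate);

        v.add(new DERSequence(validity));

        if (subject != null)
        {
            v.add(subject);
        }
        else
        {
            // Empty Name: only reachable when a critical subjectAlternativeName is set.
            v.add(new DERSequence());
        }

        v.add(subjectPublicKeyInfo);

        // [1] and [2] are IMPLICIT tags, hence explicit == false.
        if (issuerUniqueID != null)
        {
            v.add(new DERTaggedObject(false, 1, issuerUniqueID));
        }

        if (subjectUniqueID != null)
        {
            v.add(new DERTaggedObject(false, 2, subjectUniqueID));
        }

        // [3] is an EXPLICIT tag around the Extensions sequence.
        if (extensions != null)
        {
            v.add(new DERTaggedObject(true, 3, extensions));
        }

        return TBSCertificate.getInstance(new DERSequence(v));
    }
}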