001package org.apache.commons.ssl.org.bouncycastle.asn1.x509;
002
003import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer;
004import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Object;
005import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Primitive;
006import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Sequence;
007import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1TaggedObject;
008import org.apache.commons.ssl.org.bouncycastle.asn1.DERBitString;
009import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
010import org.apache.commons.ssl.org.bouncycastle.asn1.x500.X500Name;
011
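/**
 * The TBSCertificate object.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
 * will parse them, but you really shouldn't be creating new ones.
 * <p>
 * This class only decodes the structure. Nothing here checks the signature, compares
 * the validity dates with a clock, or interprets the extensions; callers that receive
 * certificates from an untrusted peer must do that themselves. Structural problems
 * detected by the constructor are reported as {@link IllegalArgumentException}.
 */
public class TBSCertificate
    extends ASN1Object
{
    // The sequence exactly as it was handed in; returned unchanged by toASN1Primitive().
    ASN1Sequence            seq;

    ASN1Integer             version;
    ASN1Integer             serialNumber;
    AlgorithmIdentifier     signature;
    X500Name                issuer;
    Time                    startDate, endDate;
    X500Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;
    DERBitString            issuerUniqueId;     // null when the [1] field is absent
    DERBitString            subjectUniqueId;    // null when the [2] field is absent
    Extensions              extensions;         // null when the [3] field is absent

    /**
     * Decodes a TBSCertificate carried inside a tagged object.
     *
     * @param obj      the tagged object wrapping the sequence
     * @param explicit passed through to {@code ASN1Sequence.getInstance(obj, explicit)}
     * @return the decoded structure
     */
    public static TBSCertificate getInstance(
        ASN1TaggedObject obj,
        boolean          explicit)
    {
        return getInstance(ASN1Sequence.getInstance(obj, explicit));
    }

    /**
     * Returns {@code obj} itself when it already is a TBSCertificate, otherwise decodes
     * it through {@code ASN1Sequence.getInstance(obj)}.
     *
     * @param obj an existing instance, something convertible to an ASN1Sequence, or null
     * @return the TBSCertificate, or {@code null} when {@code obj} is {@code null}
     * @throws IllegalArgumentException if the sequence does not have the expected shape
     */
    public static TBSCertificate getInstance(
        Object  obj)
    {
        if (obj instanceof TBSCertificate)
        {
            return (TBSCertificate)obj;
        }
        else if (obj != null)
        {
            return new TBSCertificate(ASN1Sequence.getInstance(obj));
        }

        return null;
    }

    /**
     * Decodes the fields of a TBSCertificate from its sequence.
     * <p>
     * The input normally originates from a certificate supplied by another party, so
     * the element count and the element types that are cast below are checked first
     * and reported as IllegalArgumentException rather than surfacing as
     * ArrayIndexOutOfBoundsException or ClassCastException.
     *
     * @param seq the sequence to decode; kept by reference
     * @throws IllegalArgumentException if mandatory elements are missing, the validity
     *         element is not a two-element sequence, or a trailing optional element is
     *         not a tagged object (the nested getInstance calls may raise their own
     *         exceptions; their behaviour is not visible here)
     */
    private TBSCertificate(
        ASN1Sequence seq)
    {
        int         seqStart = 0;

        this.seq = seq;

        // Six mandatory fields remain when the version is omitted; checking this
        // first also keeps getObjectAt(0) in range for an empty sequence.
        if (seq.size() < 6)
        {
            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
        }

        //
        // some certificates don't include a version number - we assume v1
        //
        // NOTE(review): the tag number of element 0 is not compared with 0, and only
        // DERTaggedObject is recognised as a version wrapper - confirm both are intended.
        if (seq.getObjectAt(0) instanceof DERTaggedObject)
        {
            version = ASN1Integer.getInstance((ASN1TaggedObject)seq.getObjectAt(0), true);
        }
        else
        {
            seqStart = -1;          // field 0 is missing!
            version = new ASN1Integer(0);
        }

        // The last mandatory field sits at index seqStart + 6.
        if (seq.size() < seqStart + 7)
        {
            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
        }

        serialNumber = ASN1Integer.getInstance(seq.getObjectAt(seqStart + 1));

        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
        issuer = X500Name.getInstance(seq.getObjectAt(seqStart + 3));

        //
        // before and after dates
        //
        Object validity = seq.getObjectAt(seqStart + 4);

        if (!(validity instanceof ASN1Sequence))
        {
            throw new IllegalArgumentException("validity is not a sequence");
        }

        ASN1Sequence  dates = (ASN1Sequence)validity;

        // Elements beyond the first two are tolerated, as before.
        if (dates.size() < 2)
        {
            throw new IllegalArgumentException("Bad validity sequence size: " + dates.size());
        }

        startDate = Time.getInstance(dates.getObjectAt(0));
        endDate = Time.getInstance(dates.getObjectAt(1));

        subject = X500Name.getInstance(seq.getObjectAt(seqStart + 5));

        //
        // public key info.
        //
        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));

        // Optional trailers are walked from the last element back towards
        // subjectPublicKeyInfo, so if a tag number is repeated the occurrence
        // closest to subjectPublicKeyInfo is the one that is kept.
        for (int extras = seq.size() - (seqStart + 6) - 1; extras > 0; extras--)
        {
            int    index = seqStart + 6 + extras;
            Object trailer = seq.getObjectAt(index);

            if (!(trailer instanceof DERTaggedObject))
            {
                throw new IllegalArgumentException(
                    "element " + index + " is not a tagged object");
            }

            DERTaggedObject extra = (DERTaggedObject)trailer;

            switch (extra.getTagNo())
            {
            case 1:
                issuerUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 2:
                subjectUniqueId = DERBitString.getInstance(extra, false);
                break;
            case 3:
                extensions = Extensions.getInstance(ASN1Sequence.getInstance(extra, true));
                break;
            default:
                // Unknown tag numbers are skipped without error. No check ties the
                // optional fields to the version either (e.g. extensions on a v1
                // structure); callers needing strict profile checks must add them.
                break;
            }
        }
    }

    /**
     * Returns the certificate version as a 1-based number (encoded value plus one).
     * <p>
     * The encoded value is narrowed with {@code intValue()} and no range check is
     * applied, so an out-of-range encoded version is not detected here.
     *
     * @return the encoded version plus one
     */
    public int getVersionNumber()
    {
        return version.getValue().intValue() + 1;
    }

    /**
     * @return the encoded version; an ASN1Integer of 0 when the field was absent
     */
    public ASN1Integer getVersion()
    {
        return version;
    }

    /**
     * @return the serialNumber field
     */
    public ASN1Integer getSerialNumber()
    {
        return serialNumber;
    }

    /**
     * @return the signature AlgorithmIdentifier field of the TBSCertificate
     */
    public AlgorithmIdentifier getSignature()
    {
        return signature;
    }

    /**
     * @return the issuer name
     */
    public X500Name getIssuer()
    {
        return issuer;
    }

    /**
     * @return the first element of the validity sequence
     */
    public Time getStartDate()
    {
        return startDate;
    }

    /**
     * @return the second element of the validity sequence
     */
    public Time getEndDate()
    {
        return endDate;
    }

    /**
     * @return the subject name
     */
    public X500Name getSubject()
    {
        return subject;
    }

    /**
     * @return the subjectPublicKeyInfo field
     */
    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
    {
        return subjectPublicKeyInfo;
    }

    /**
     * @return the issuerUniqueID field, or {@code null} if it was not present
     */
    public DERBitString getIssuerUniqueId()
    {
        return issuerUniqueId;
    }

    /**
     * @return the subjectUniqueID field, or {@code null} if it was not present
     */
    public DERBitString getSubjectUniqueId()
    {
        return subjectUniqueId;
    }

    /**
     * @return the extensions field, or {@code null} if it was not present
     */
    public Extensions getExtensions()
    {
        return extensions;
    }

    /**
     * Returns the sequence this object was built from, not a re-encoding of the
     * individual fields, so elements the constructor skipped are still included.
     *
     * @return the original sequence
     */
    public ASN1Primitive toASN1Primitive()
    {
        return seq;
    }
}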