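/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/**
 * @author Alexander Y. Kleymenov
 * @version $Revision$
 */

package org.apache.harmony.security.x509;

import java.io.IOException;
import java.math.BigInteger;
import org.apache.harmony.security.asn1.ASN1Implicit;
import org.apache.harmony.security.asn1.ASN1Integer;
import org.apache.harmony.security.asn1.ASN1OctetString;
import org.apache.harmony.security.asn1.ASN1Sequence;
import org.apache.harmony.security.asn1.ASN1Type;
import org.apache.harmony.security.asn1.BerInputStream;
import org.apache.harmony.security.utils.Array;

/**
 * The class encapsulates the ASN.1 DER encoding/decoding work
 * with Authority Key Identifier Extension (OID = 2.5.29.35).
 * (as specified in RFC 3280 -
 * Internet X.509 Public Key Infrastructure.
 * Certificate and Certificate Revocation List (CRL) Profile.
 * http://www.ietf.org/rfc/rfc3280.txt):
 *
 * <pre>
 *   id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 }
 *
 *   AuthorityKeyIdentifier ::= SEQUENCE {
 *       keyIdentifier             [0] KeyIdentifier OPTIONAL,
 *       authorityCertIssuer       [1] GeneralNames OPTIONAL,
 *       authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
 *
 *   KeyIdentifier ::= OCTET STRING
 * </pre>
 *
 * <p>The key identifier is copied on the way in and on the way out, so code
 * holding the array passed to the constructor, or one returned by
 * {@link #getKeyIdentifier()}, cannot change the value this object reports or
 * encodes.
 */
public final class AuthorityKeyIdentifier extends ExtensionValue {
    // Private copy of the key identifier; null when the field is absent.
    private final byte[] keyIdentifier;
    private final GeneralNames authorityCertIssuer;
    private final BigInteger authorityCertSerialNumber;

    /**
     * Creates the extension value from its three components. Each component
     * is OPTIONAL in the ASN.1 definition, so each argument may be
     * {@code null}.
     *
     * @param keyIdentifier key identifier bytes or {@code null}; the array is
     *        copied
     * @param authorityCertIssuer issuer names or {@code null}
     * @param authorityCertSerialNumber serial number or {@code null}
     */
    public AuthorityKeyIdentifier(byte[] keyIdentifier,
            GeneralNames authorityCertIssuer,
            BigInteger authorityCertSerialNumber) {
        // Copy rather than alias: a later write to the caller's array would
        // otherwise change this object after construction and leave it out
        // of step with an encoding already cached by getEncoded().
        this.keyIdentifier = (keyIdentifier == null) ? null : keyIdentifier.clone();
        this.authorityCertIssuer = authorityCertIssuer;
        this.authorityCertSerialNumber = authorityCertSerialNumber;
    }

    /**
     * Decodes an AuthorityKeyIdentifier from its ASN.1 encoding.
     *
     * @param encoding the encoded extension value
     * @return the decoded object, with {@code encoding} kept as its cached
     *         encoded form
     * @throws IOException if decoding fails
     */
    public static AuthorityKeyIdentifier decode(byte[] encoding) throws IOException {
        AuthorityKeyIdentifier aki = (AuthorityKeyIdentifier) ASN1.decode(encoding);
        // NOTE(review): the caller's array is retained by reference and is
        // what getEncoded() hands back. Whether the cached encoding should be
        // copied is a decision for ExtensionValue and its other subclasses,
        // which are not visible here.
        aki.encoding = encoding;
        return aki;
    }

    /**
     * The key identifier for the authority.
     *
     * @return a copy of the key identifier or {@code null}
     */
    public byte[] getKeyIdentifier() {
        return (keyIdentifier == null) ? null : keyIdentifier.clone();
    }

    /**
     * The GeneralNames for this authority key identifier.
     *
     * @return names for the authority certificate issuer or {@code null}
     */
    public GeneralNames getAuthorityCertIssuer() {
        return authorityCertIssuer;
    }

    /**
     * The serial number of the certificate identified by this authority key
     * identifier.
     *
     * @return authority's certificate serial number or {@code null}
     */
    public BigInteger getAuthorityCertSerialNumber() {
        return authorityCertSerialNumber;
    }

    /**
     * Returns the encoded form of this extension value, encoding it on first
     * use and caching the result.
     *
     * @return the cached encoding; the array is returned without copying
     */
    @Override public byte[] getEncoded() {
        if (encoding == null) {
            encoding = ASN1.encode(this);
        }
        return encoding;
    }

    /**
     * Appends a human-readable dump of the components that are present.
     *
     * @param sb buffer to append to
     * @param prefix text placed at the start of every emitted line
     */
    @Override public void dumpValue(StringBuilder sb, String prefix) {
        sb.append(prefix).append("AuthorityKeyIdentifier [\n");
        if (keyIdentifier != null) {
            sb.append(prefix).append(" keyIdentifier:\n");
            sb.append(Array.toString(keyIdentifier, prefix + " "));
        }
        if (authorityCertIssuer != null) {
            sb.append(prefix).append(" authorityCertIssuer: [\n");
            authorityCertIssuer.dumpValue(sb, prefix + " ");
            sb.append(prefix).append(" ]\n");
        }
        if (authorityCertSerialNumber != null) {
            sb.append(prefix).append(" authorityCertSerialNumber: ");
            sb.append(authorityCertSerialNumber).append('\n');
        }
        sb.append(prefix).append("]\n");
    }

    /**
     * ASN.1 encoder/decoder for this structure: a SEQUENCE of three
     * implicitly tagged, optional components ([0] OCTET STRING,
     * [1] GeneralNames, [2] INTEGER).
     */
    public static final ASN1Type ASN1 = new ASN1Sequence(
            new ASN1Type[] {
                new ASN1Implicit(0, ASN1OctetString.getInstance()),
                new ASN1Implicit(1, GeneralNames.ASN1),
                new ASN1Implicit(2, ASN1Integer.getInstance()),
            }) {
        {
            // All three components are OPTIONAL.
            setOptional(0);
            setOptional(1);
            setOptional(2);
        }

        /**
         * Builds an AuthorityKeyIdentifier from the decoded component values
         * held in {@code in.content}; absent components are {@code null}.
         */
        @Override protected Object getDecodedObject(BerInputStream in) throws IOException {
            Object[] values = (Object[]) in.content;

            byte[] bytes = (byte[]) values[2];
            BigInteger authorityCertSerialNumber = null;
            if (bytes != null) {
                // BigInteger(byte[]) throws the unchecked NumberFormatException
                // for an empty array. Report that as a decoding failure, in
                // case the integer decoder (not visible here) lets
                // zero-length content through.
                if (bytes.length == 0) {
                    throw new IOException(
                            "Empty authorityCertSerialNumber in AuthorityKeyIdentifier");
                }
                // The bytes are read as big-endian two's complement, so a
                // value with the high bit set decodes as a negative number.
                // No sign or range check is applied here.
                authorityCertSerialNumber = new BigInteger(bytes);
            }

            return new AuthorityKeyIdentifier((byte[]) values[0],
                    (GeneralNames) values[1], authorityCertSerialNumber);
        }

        /**
         * Fills {@code values} with the components to encode; the slot of an
         * absent serial number is left untouched.
         */
        @Override protected void getValues(Object object, Object[] values) {
            AuthorityKeyIdentifier akid = (AuthorityKeyIdentifier) object;
            // The internal array is passed to the encoder as is; presumably
            // the encoder only reads it. TODO confirm.
            values[0] = akid.keyIdentifier;
            values[1] = akid.authorityCertIssuer;
            if (akid.authorityCertSerialNumber != null) {
                values[2] = akid.authorityCertSerialNumber.toByteArray();
            }
        }
    };
}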