      1 package org.bouncycastle.asn1.x509;
      2 
      3 import org.bouncycastle.asn1.ASN1EncodableVector;
      4 import org.bouncycastle.asn1.ASN1Integer;
      5 import org.bouncycastle.asn1.ASN1UTCTime;
      6 import org.bouncycastle.asn1.DERBitString;
      7 import org.bouncycastle.asn1.DERSequence;
      8 import org.bouncycastle.asn1.DERTaggedObject;
      9 import org.bouncycastle.asn1.x500.X500Name;
     10 
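/**
 * Generator for Version 3 TBSCertificateStructures.
 * <pre>
 * TBSCertificate ::= SEQUENCE {
 *      version          [ 0 ]  Version DEFAULT v1(0),
 *      serialNumber            CertificateSerialNumber,
 *      signature               AlgorithmIdentifier,
 *      issuer                  Name,
 *      validity                Validity,
 *      subject                 Name,
 *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
 *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
 *      extensions        [ 3 ] Extensions OPTIONAL
 *      }
 * </pre>
 * <p>
 * The generator is a plain mutable holder: the setters store whatever they are
 * given, and {@link #generateTBSCertificate()} only checks that the mandatory
 * fields are present. It does not validate their contents. The serial number
 * value, the ordering of the validity dates, the choice of signature algorithm
 * and the extension contents are the caller's responsibility.
 * <p>
 * Instances keep unsynchronised state and are not safe for concurrent use.
 */
public class V3TBSCertificateGenerator
{
    // version [0] is explicitly tagged; the INTEGER value 2 denotes v3.
    DERTaggedObject         version = new DERTaggedObject(true, 0, new ASN1Integer(2));

    ASN1Integer             serialNumber;
    AlgorithmIdentifier     signature;
    X500Name                issuer;
    Time                    startDate, endDate;
    X500Name                subject;
    SubjectPublicKeyInfo    subjectPublicKeyInfo;
    Extensions              extensions;

    // True only while the currently set extensions carry a critical
    // subjectAlternativeName; this is what permits an empty subject.
    private boolean altNamePresentAndCritical;
    private DERBitString issuerUniqueID;
    private DERBitString subjectUniqueID;

    public V3TBSCertificateGenerator()
    {
    }

    /**
     * Set the certificate serial number.
     *
     * @param serialNumber the serial number; stored as given, no range or
     *                     uniqueness check is performed here.
     */
    public void setSerialNumber(
        ASN1Integer  serialNumber)
    {
        this.serialNumber = serialNumber;
    }

    /**
     * Set the signature algorithm identifier placed inside the TBSCertificate.
     *
     * @param signature the algorithm identifier; stored as given.
     */
    public void setSignature(
        AlgorithmIdentifier    signature)
    {
        this.signature = signature;
    }

    /**
     * Set the issuer from a legacy X509Name.
     *
     * @param issuer the issuer name, converted to an X500Name.
     * @deprecated use X500Name method
     */
    public void setIssuer(
        X509Name    issuer)
    {
        this.issuer = X500Name.getInstance(issuer);
    }

    /**
     * Set the issuer name.
     *
     * @param issuer the issuer distinguished name.
     */
    public void setIssuer(
        X500Name issuer)
    {
        this.issuer = issuer;
    }

    /**
     * Set the notBefore date from a UTCTime.
     * <p>
     * UTCTime carries a two-digit year. RFC 5280 requires GeneralizedTime for
     * dates in 2050 or later, so use {@link #setStartDate(Time)} for those.
     *
     * @param startDate start of the validity period.
     */
    public void setStartDate(
        ASN1UTCTime startDate)
    {
        this.startDate = new Time(startDate);
    }

    /**
     * Set the notBefore date.
     *
     * @param startDate start of the validity period.
     */
    public void setStartDate(
        Time startDate)
    {
        this.startDate = startDate;
    }

    /**
     * Set the notAfter date from a UTCTime.
     * <p>
     * UTCTime carries a two-digit year. RFC 5280 requires GeneralizedTime for
     * dates in 2050 or later, so use {@link #setEndDate(Time)} for those.
     *
     * @param endDate end of the validity period.
     */
    public void setEndDate(
        ASN1UTCTime endDate)
    {
        this.endDate = new Time(endDate);
    }

    /**
     * Set the notAfter date. No check is made that it follows the start date.
     *
     * @param endDate end of the validity period.
     */
    public void setEndDate(
        Time endDate)
    {
        this.endDate = endDate;
    }

    /**
     * Set the subject from a legacy X509Name.
     *
     * @param subject the subject name, converted to an X500Name.
     * @deprecated use X500Name method
     */
    public void setSubject(
        X509Name    subject)
    {
        this.subject = X500Name.getInstance(subject.toASN1Primitive());
    }

    /**
     * Set the subject name.
     *
     * @param subject the subject distinguished name; may be left null only if
     *                the extensions carry a critical subjectAlternativeName.
     */
    public void setSubject(
        X500Name subject)
    {
        this.subject = subject;
    }

    /**
     * Set the optional issuerUniqueID field.
     * <p>
     * NOTE(review): RFC 5280 section 4.1.2.8 says conforming CAs must not
     * generate certificates with unique identifiers; confirm the target
     * profile before using this.
     *
     * @param uniqueID the identifier, or null to omit the field.
     */
    public void setIssuerUniqueID(
        DERBitString uniqueID)
    {
        this.issuerUniqueID = uniqueID;
    }

    /**
     * Set the optional subjectUniqueID field.
     * <p>
     * NOTE(review): RFC 5280 section 4.1.2.8 says conforming CAs must not
     * generate certificates with unique identifiers; confirm the target
     * profile before using this.
     *
     * @param uniqueID the identifier, or null to omit the field.
     */
    public void setSubjectUniqueID(
        DERBitString uniqueID)
    {
        this.subjectUniqueID = uniqueID;
    }

    /**
     * Set the subject's public key.
     *
     * @param pubKeyInfo the SubjectPublicKeyInfo to certify; stored as given.
     */
    public void setSubjectPublicKeyInfo(
        SubjectPublicKeyInfo    pubKeyInfo)
    {
        this.subjectPublicKeyInfo = pubKeyInfo;
    }

    /**
     * Set the extensions from a legacy X509Extensions object.
     *
     * @param extensions the extensions, converted to an Extensions object.
     * @deprecated use method taking Extensions
     */
    public void setExtensions(
        X509Extensions    extensions)
    {
        setExtensions(Extensions.getInstance(extensions));
    }

    /**
     * Set the extensions block, replacing any previously set one.
     * <p>
     * The "critical subjectAlternativeName present" flag is recomputed on every
     * call. Previously it was only ever set to true, so replacing or clearing
     * the extensions left a stale flag behind. {@link #generateTBSCertificate()}
     * would then accept a null subject and emit an empty subject name with no
     * critical subjectAlternativeName to identify the subject.
     *
     * @param extensions the extensions to include, or null for none.
     */
    public void setExtensions(
        Extensions    extensions)
    {
        this.extensions = extensions;

        Extension altName = (extensions != null)
            ? extensions.getExtension(Extension.subjectAlternativeName)
            : null;

        // Always derive the flag from the extensions now in force.
        altNamePresentAndCritical = (altName != null) && altName.isCritical();
    }

    /**
     * Assemble the TBSCertificate from the values set so far.
     * <p>
     * Only the presence of the mandatory fields is checked; see the class
     * comment for what is left to the caller.
     *
     * @return the TBSCertificate structure, ready to be signed.
     * @throws IllegalStateException if the serial number, signature algorithm,
     *         issuer, start date, end date or public key is missing, or if the
     *         subject is missing and the extensions do not contain a critical
     *         subjectAlternativeName.
     */
    public TBSCertificate generateTBSCertificate()
    {
        if ((serialNumber == null) || (signature == null)
            || (issuer == null) || (startDate == null) || (endDate == null)
            || (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
        {
            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
        }

        ASN1EncodableVector  v = new ASN1EncodableVector();

        v.add(version);
        v.add(serialNumber);
        v.add(signature);
        v.add(issuer);

        //
        // before and after dates
        //
        ASN1EncodableVector  validity = new ASN1EncodableVector();

        validity.add(startDate);
        validity.add(endDate);

        v.add(new DERSequence(validity));

        if (subject != null)
        {
            v.add(subject);
        }
        else
        {
            // Empty SEQUENCE: an empty subject name, reachable only when a
            // critical subjectAlternativeName is present (checked above).
            v.add(new DERSequence());
        }

        v.add(subjectPublicKeyInfo);

        // The unique identifiers are IMPLICIT in the ASN.1 above, hence explicit == false.
        if (issuerUniqueID != null)
        {
            v.add(new DERTaggedObject(false, 1, issuerUniqueID));
        }

        if (subjectUniqueID != null)
        {
            v.add(new DERTaggedObject(false, 2, subjectUniqueID));
        }

        if (extensions != null)
        {
            v.add(new DERTaggedObject(true, 3, extensions));
        }

        return TBSCertificate.getInstance(new DERSequence(v));
    }
}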
    213