FileDocCategorySizeDatePackage
TBSCertificate.javaAPI DocAndroid 1.5 API13200Wed May 06 22:41:06 BST 2009org.apache.harmony.security.x509

TBSCertificate.java

/*
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

/**
* @author Alexander Y. Kleymenov
* @version $Revision$
*/

package org.apache.harmony.security.x509;

import java.math.BigInteger;
import javax.security.auth.x500.X500Principal;

import org.apache.harmony.security.asn1.ASN1BitString;
import org.apache.harmony.security.asn1.ASN1Explicit;
import org.apache.harmony.security.asn1.ASN1Implicit;
import org.apache.harmony.security.asn1.ASN1Integer;
import org.apache.harmony.security.asn1.ASN1Sequence;
import org.apache.harmony.security.asn1.ASN1Type;
import org.apache.harmony.security.asn1.BerInputStream;
import org.apache.harmony.security.asn1.BitString;
import org.apache.harmony.security.x501.Name;

/**
 * The class encapsulates the ASN.1 DER encoding/decoding work 
 * with TBSCertificate structure which is the part of X.509 certificate
 * (as specified in RFC 3280 -
 *  Internet X.509 Public Key Infrastructure.
 *  Certificate and Certificate Revocation List (CRL) Profile.
 *  http://www.ietf.org/rfc/rfc3280.txt):
 *
 * <pre>
 *  TBSCertificate  ::=  SEQUENCE  {
 *       version         [0]  EXPLICIT Version DEFAULT v1,
 *       serialNumber         CertificateSerialNumber,
 *       signature            AlgorithmIdentifier,
 *       issuer               Name,
 *       validity             Validity,
 *       subject              Name,
 *       subjectPublicKeyInfo SubjectPublicKeyInfo,
 *       issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
 *                            -- If present, version MUST be v2 or v3
 *       subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
 *                            -- If present, version MUST be v2 or v3
 *       extensions      [3]  EXPLICIT Extensions OPTIONAL
 *                            -- If present, version MUST be v3
 *  }
 * </pre>
 */
public class TBSCertificate {

    // the value of version field of the structure
    private final int version; 
    // the value of serialNumber field of the structure
    private final BigInteger serialNumber;
    // the value of signature field of the structure
    private final AlgorithmIdentifier signature; 
    // the value of issuer field of the structure
    private final Name issuer;
    // the value of validity field of the structure
    private final Validity validity;
    // the value of subject field of the structure
    private final Name subject;
    // the value of subjectPublicKeyInfo field of the structure
    private final SubjectPublicKeyInfo subjectPublicKeyInfo;
    // the value of issuerUniqueID field of the structure
    private final boolean[] issuerUniqueID;
    // the value of subjectUniqueID field of the structure
    private final boolean[] subjectUniqueID;
    // the value of extensions field of the structure
    private final Extensions extensions;
    // the ASN.1 encoded form of TBSCertificate
    byte[] encoding;

    /**
     * Constructs the instance of TBSCertificate without optional
     * fields (issuerUniqueID, subjectUniqueID, extensions)
     * @param   version :   int
     * @param   serialNumber    :   BigInteger
     * @param   signature   :   AlgorithmIdentifier
     * @param   issuer  :   Name
     * @param   validity    :   Validity
     * @param   subject :   Name
     * @param   subjectPublicKeyInfo    :   SubjectPublicKeyInfo
     */
    public TBSCertificate(int version, BigInteger serialNumber, 
                          AlgorithmIdentifier signature, Name issuer,
                          Validity validity, Name subject, 
                          SubjectPublicKeyInfo subjectPublicKeyInfo) {
        this(version, serialNumber, signature, issuer, validity, subject, 
             subjectPublicKeyInfo, null, null, null);
    }

    /**
     * TODO
     * @param   version:    int
     * @param   serialNumber:   BigInteger
     * @param   signature:  AlgorithmIdentifier
     * @param   issuer: Name
     * @param   validity:   Validity
     * @param   subject:    Name
     * @param   subjectPublicKeyInfo:   SubjectPublicKeyInfo
     * @param   issuerUniqueID: byte[]
     * @param   subjectUniqueID:    byte[]
     * @param   extensions: Extensions
     */
    public TBSCertificate(int version, BigInteger serialNumber, 
                          AlgorithmIdentifier signature, Name issuer,
                          Validity validity, Name subject, 
                          SubjectPublicKeyInfo subjectPublicKeyInfo,
                          boolean[] issuerUniqueID, boolean[] subjectUniqueID,
                          Extensions extensions) {
        this.version = version; 
        this.serialNumber = serialNumber;
        this.signature = signature; 
        this.issuer = issuer;
        this.validity = validity;
        this.subject = subject;
        this.subjectPublicKeyInfo = subjectPublicKeyInfo;
        this.issuerUniqueID = issuerUniqueID;
        this.subjectUniqueID = subjectUniqueID;
        this.extensions = extensions;
    }
        
    // 
    // TODO
    // @param   version:    int
    // @param   serialNumber:   BigInteger
    // @param   signature:  AlgorithmIdentifier
    // @param   issuer: Name
    // @param   validity:   Validity
    // @param   subject:    Name
    // @param   subjectPublicKeyInfo:   SubjectPublicKeyInfo
    // @param   issuerUniqueID: byte[]
    // @param   subjectUniqueID:    byte[]
    // @param   extensions: Extensions
    // @param   encoding:   byte[]
    // 
    private TBSCertificate(int version, BigInteger serialNumber, 
                          AlgorithmIdentifier signature, Name issuer,
                          Validity validity, Name subject, 
                          SubjectPublicKeyInfo subjectPublicKeyInfo,
                          boolean[] issuerUniqueID, boolean[] subjectUniqueID,
                          Extensions extensions, byte[] encoding) {
        this(version, serialNumber, signature, issuer, validity, subject, 
             subjectPublicKeyInfo, issuerUniqueID, subjectUniqueID, extensions);
        this.encoding = encoding;
    }
        
    /**
     * Returns the value of version field of the structure.
     * @return  version
     */
    public int getVersion() {
        return version;
    }

    /**
     * Returns the value of serialNumber field of the structure.
     * @return  serialNumber
     */
    public BigInteger getSerialNumber() {
        return serialNumber;
    }
    
    /**
     * Returns the value of signature field of the structure.
     * @return  signature
     */
    public AlgorithmIdentifier getSignature() {
        return signature;
    }
    
    /**
     * Returns the value of issuer field of the structure.
     * @return  issuer
     */
    public Name getIssuer() {
        return issuer;
    }
    
    /**
     * Returns the value of validity field of the structure.
     * @return  validity
     */
    public Validity getValidity() {
        return validity;
    }
    
    /**
     * Returns the value of subject field of the structure.
     * @return  subject
     */
    public Name getSubject() {
        return subject;
    }
    
    /**
     * Returns the value of subjectPublicKeyInfo field of the structure.
     * @return  subjectPublicKeyInfo
     */
    public SubjectPublicKeyInfo getSubjectPublicKeyInfo() {
        return subjectPublicKeyInfo;
    }
    
    /**
     * Returns the value of issuerUniqueID field of the structure.
     * @return  issuerUniqueID
     */
    public boolean[] getIssuerUniqueID() {
        return issuerUniqueID;
    }
    
    /**
     * Returns the value of subjectUniqueID field of the structure.
     * @return  subjectUniqueID
     */
    public boolean[] getSubjectUniqueID() {
        return subjectUniqueID;
    }
    
    /**
     * Returns the value of extensions field of the structure.
     * @return  extensions
     */
    public Extensions getExtensions() {
        return extensions;
    }

    /**
     * Returns ASN.1 encoded form of this X.509 TBSCertificate value.
     * @return a byte array containing ASN.1 encode form.
     */
    public byte[] getEncoded() {
        if (encoding == null) {
            encoding = ASN1.encode(this);
        }
        return encoding;
    }

    /**
     * Places the string representation into the StringBuffer object.
     */
    public void dumpValue(StringBuffer buffer) {
        buffer.append('[');
        buffer.append("\n  Version: V").append(version+1); //$NON-NLS-1$
        buffer.append("\n  Subject: ") //$NON-NLS-1$
            .append(subject.getName(X500Principal.RFC2253));
        buffer.append("\n  Signature Algorithm: "); //$NON-NLS-1$
        signature.dumpValue(buffer);
        buffer.append("\n  Key: "); //$NON-NLS-1$
        buffer.append(subjectPublicKeyInfo.getPublicKey().toString());
        buffer.append("\n  Validity: [From: "); //$NON-NLS-1$
        buffer.append(validity.getNotBefore());
        buffer.append("\n               To: "); //$NON-NLS-1$
        buffer.append(validity.getNotAfter()).append(']');
        buffer.append("\n  Issuer: "); //$NON-NLS-1$
        buffer.append(issuer.getName(X500Principal.RFC2253));
        buffer.append("\n  Serial Number: "); //$NON-NLS-1$
        buffer.append(serialNumber);
        if (issuerUniqueID != null) {
            buffer.append("\n  Issuer Id: "); //$NON-NLS-1$
            for (int i=0; i<issuerUniqueID.length; i++) {
                buffer.append(issuerUniqueID[i] ? '1' : '0');
            }
        }
        if (subjectUniqueID != null) {
            buffer.append("\n  Subject Id: "); //$NON-NLS-1$
            for (int i=0; i<subjectUniqueID.length; i++) {
                buffer.append(subjectUniqueID[i] ? '1' : '0');
            }
        }
        if (extensions != null) {
            buffer.append("\n\n  Extensions: "); //$NON-NLS-1$
            buffer.append("[\n"); //$NON-NLS-1$
            extensions.dumpValue(buffer, "    "); //$NON-NLS-1$
            buffer.append("  ]"); //$NON-NLS-1$
        }
        buffer.append("\n]"); //$NON-NLS-1$
    }

    /**
     * X.509 TBSCertificate encoder/decoder.
     */
    public static final ASN1Sequence ASN1 = new ASN1Sequence(new ASN1Type[] {
            new ASN1Explicit(0, ASN1Integer.getInstance()), ASN1Integer.getInstance(), 
            AlgorithmIdentifier.ASN1, Name.ASN1,
            Validity.ASN1, Name.ASN1, SubjectPublicKeyInfo.ASN1, 
            new ASN1Implicit(1, ASN1BitString.getInstance()), 
            new ASN1Implicit(2, ASN1BitString.getInstance()), 
            new ASN1Explicit(3, Extensions.ASN1)}) {
        {
            setDefault(new byte[] {0}, 0);
            setOptional(7);
            setOptional(8);
            setOptional(9);
        }

        protected Object getDecodedObject(BerInputStream in) {
            Object[] values = (Object[]) in.content;

            boolean[] issuerUniqueID = (values[7] == null) 
                ? null : ((BitString) values[7]).toBooleanArray();
            boolean[] subjectUniqueID = (values[8] == null) 
                ? null : ((BitString) values[8]).toBooleanArray();
            return new TBSCertificate(
                        ASN1Integer.toIntValue(values[0]),
                        new BigInteger((byte[]) values[1]), 
                        (AlgorithmIdentifier) values[2],
                        (Name) values[3], 
                        (Validity) values[4], 
                        (Name) values[5],
                        (SubjectPublicKeyInfo) values[6], 
                        issuerUniqueID,
                        subjectUniqueID,
                        (Extensions) values[9],
                        in.getEncoded()
                    );
        }

        protected void getValues(Object object, Object[] values) {
            TBSCertificate tbs = (TBSCertificate) object;
            values[0] = ASN1Integer.fromIntValue(tbs.version);
            values[1] = tbs.serialNumber.toByteArray();
            values[2] = tbs.signature;
            values[3] = tbs.issuer; 
            values[4] = tbs.validity;
            values[5] = tbs.subject;
            values[6] = tbs.subjectPublicKeyInfo;
            if (tbs.issuerUniqueID != null) {
                values[7] = new BitString(tbs.issuerUniqueID);
            }
            if (tbs.subjectUniqueID != null) {
                values[8] = new BitString(tbs.subjectUniqueID);
            }
            values[9] = tbs.extensions;
        }
    };
}