package org.bouncycastle.asn1.x509;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.x500.X500Name;
Generator for Version 3 TBSCertificateStructures.
TBSCertificate ::= SEQUENCE {
version [ 0 ] Version DEFAULT v1(0),
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
validity Validity,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
extensions [ 3 ] Extensions OPTIONAL
}
/**
* Generator for Version 3 TBSCertificateStructures.
* <pre>
* TBSCertificate ::= SEQUENCE {
* version [ 0 ] Version DEFAULT v1(0),
* serialNumber CertificateSerialNumber,
* signature AlgorithmIdentifier,
* issuer Name,
* validity Validity,
* subject Name,
* subjectPublicKeyInfo SubjectPublicKeyInfo,
* issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
* subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
* extensions [ 3 ] Extensions OPTIONAL
* }
* </pre>
*
*/
public class V3TBSCertificateGenerator
{
DERTaggedObject version = new DERTaggedObject(0, new DERInteger(2));
DERInteger serialNumber;
AlgorithmIdentifier signature;
X509Name issuer;
Time startDate, endDate;
X509Name subject;
SubjectPublicKeyInfo subjectPublicKeyInfo;
X509Extensions extensions;
private boolean altNamePresentAndCritical;
private DERBitString issuerUniqueID;
private DERBitString subjectUniqueID;
public V3TBSCertificateGenerator()
{
}
public void setSerialNumber(
DERInteger serialNumber)
{
this.serialNumber = serialNumber;
}
public void setSignature(
AlgorithmIdentifier signature)
{
this.signature = signature;
}
public void setIssuer(
X509Name issuer)
{
this.issuer = issuer;
}
public void setIssuer(
X500Name issuer)
{
this.issuer = X509Name.getInstance(issuer.getDERObject());
}
public void setStartDate(
DERUTCTime startDate)
{
this.startDate = new Time(startDate);
}
public void setStartDate(
Time startDate)
{
this.startDate = startDate;
}
public void setEndDate(
DERUTCTime endDate)
{
this.endDate = new Time(endDate);
}
public void setEndDate(
Time endDate)
{
this.endDate = endDate;
}
public void setSubject(
X509Name subject)
{
this.subject = subject;
}
public void setSubject(
X500Name subject)
{
this.subject = X509Name.getInstance(subject.getDERObject());
}
public void setIssuerUniqueID(
DERBitString uniqueID)
{
this.issuerUniqueID = uniqueID;
}
public void setSubjectUniqueID(
DERBitString uniqueID)
{
this.subjectUniqueID = uniqueID;
}
public void setSubjectPublicKeyInfo(
SubjectPublicKeyInfo pubKeyInfo)
{
this.subjectPublicKeyInfo = pubKeyInfo;
}
public void setExtensions(
X509Extensions extensions)
{
this.extensions = extensions;
if (extensions != null)
{
X509Extension altName = extensions.getExtension(X509Extensions.SubjectAlternativeName);
if (altName != null && altName.isCritical())
{
altNamePresentAndCritical = true;
}
}
}
public TBSCertificateStructure generateTBSCertificate()
{
if ((serialNumber == null) || (signature == null)
|| (issuer == null) || (startDate == null) || (endDate == null)
|| (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
{
throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
}
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(version);
v.add(serialNumber);
v.add(signature);
v.add(issuer);
//
// before and after dates
//
ASN1EncodableVector validity = new ASN1EncodableVector();
validity.add(startDate);
validity.add(endDate);
v.add(new DERSequence(validity));
if (subject != null)
{
v.add(subject);
}
else
{
v.add(new DERSequence());
}
v.add(subjectPublicKeyInfo);
if (issuerUniqueID != null)
{
v.add(new DERTaggedObject(false, 1, issuerUniqueID));
}
if (subjectUniqueID != null)
{
v.add(new DERTaggedObject(false, 2, subjectUniqueID));
}
if (extensions != null)
{
v.add(new DERTaggedObject(3, extensions));
}
return new TBSCertificateStructure(new DERSequence(v));
}
}