1e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrompackage org.bouncycastle.cert; 2e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 3e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.io.IOException; 4e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.io.OutputStream; 5e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.text.ParseException; 6e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.ArrayList; 7e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.Arrays; 8e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.Collections; 9e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.Date; 10e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.HashSet; 11e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.List; 12e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport java.util.Set; 13e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 14e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1Encodable; 15e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1EncodableVector; 1670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.ASN1GeneralizedTime; 17e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.ASN1ObjectIdentifier; 18e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.DERBitString; 1970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.DERNull; 20e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.DEROutputStream; 21e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.DERSequence; 22e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.AlgorithmIdentifier; 23e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.AttributeCertificate; 24e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.AttributeCertificateInfo; 25e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.Certificate; 26e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.CertificateList; 27e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.Extensions; 28e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.ExtensionsGenerator; 29e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.TBSCertList; 30e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.asn1.x509.TBSCertificate; 31e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromimport org.bouncycastle.operator.ContentSigner; 32e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 33e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstromclass CertUtils 34e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom{ 35e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private static Set EMPTY_SET = Collections.unmodifiableSet(new HashSet()); 36e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private static List EMPTY_LIST = Collections.unmodifiableList(new ArrayList()); 37e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 38e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static X509CertificateHolder generateFullCert(ContentSigner signer, TBSCertificate tbsCert) 39e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 40e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 41e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 42e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new X509CertificateHolder(generateStructure(tbsCert, signer.getAlgorithmIdentifier(), generateSig(signer, tbsCert))); 43e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 44e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (IOException e) 45e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 46e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new IllegalStateException("cannot produce certificate signature"); 47e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 48e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 49e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 50e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static X509AttributeCertificateHolder generateFullAttrCert(ContentSigner signer, AttributeCertificateInfo attrInfo) 51e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 52e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 53e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 54e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new X509AttributeCertificateHolder(generateAttrStructure(attrInfo, signer.getAlgorithmIdentifier(), generateSig(signer, attrInfo))); 55e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 56e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (IOException e) 57e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 58e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new IllegalStateException("cannot produce attribute certificate signature"); 59e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 60e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 61e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 62e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static X509CRLHolder generateFullCRL(ContentSigner signer, TBSCertList tbsCertList) 63e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 64e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 65e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 66e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new X509CRLHolder(generateCRLStructure(tbsCertList, signer.getAlgorithmIdentifier(), generateSig(signer, tbsCertList))); 67e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 68e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (IOException e) 69e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 70e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new IllegalStateException("cannot produce certificate signature"); 71e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 72e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 73e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 74e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private static byte[] generateSig(ContentSigner signer, ASN1Encodable tbsObj) 75e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws IOException 76e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 77e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom OutputStream sOut = signer.getOutputStream(); 78e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom DEROutputStream dOut = new DEROutputStream(sOut); 79e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 80e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom dOut.writeObject(tbsObj); 81e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 82e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom sOut.close(); 83e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 84e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return signer.getSignature(); 85e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 86e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 87e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private static Certificate generateStructure(TBSCertificate tbsCert, AlgorithmIdentifier sigAlgId, byte[] signature) 88e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 89e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1EncodableVector v = new ASN1EncodableVector(); 90e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 91e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(tbsCert); 92e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(sigAlgId); 93e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(new DERBitString(signature)); 94e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 95e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return Certificate.getInstance(new DERSequence(v)); 96e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 97e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 98e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private static AttributeCertificate generateAttrStructure(AttributeCertificateInfo attrInfo, AlgorithmIdentifier sigAlgId, byte[] signature) 99e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 100e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1EncodableVector v = new ASN1EncodableVector(); 101e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 102e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(attrInfo); 103e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(sigAlgId); 104e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(new DERBitString(signature)); 105e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 106e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return AttributeCertificate.getInstance(new DERSequence(v)); 107e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 108e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 109e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom private static CertificateList generateCRLStructure(TBSCertList tbsCertList, AlgorithmIdentifier sigAlgId, byte[] signature) 110e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 111e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom ASN1EncodableVector v = new ASN1EncodableVector(); 112e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 113e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(tbsCertList); 114e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(sigAlgId); 115e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom v.add(new DERBitString(signature)); 116e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 117e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return CertificateList.getInstance(new DERSequence(v)); 118e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 119e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 120e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static Set getCriticalExtensionOIDs(Extensions extensions) 121e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 122e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (extensions == null) 123e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 124e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return EMPTY_SET; 125e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 126e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 127e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return Collections.unmodifiableSet(new HashSet(Arrays.asList(extensions.getCriticalExtensionOIDs()))); 128e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 129e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 130e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static Set getNonCriticalExtensionOIDs(Extensions extensions) 131e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 132e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (extensions == null) 133e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 134e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return EMPTY_SET; 135e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 136e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 137e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom // TODO: should probably produce a set that imposes correct ordering 138e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return Collections.unmodifiableSet(new HashSet(Arrays.asList(extensions.getNonCriticalExtensionOIDs()))); 139e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 140e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 141e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static List getExtensionOIDs(Extensions extensions) 142e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 143e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (extensions == null) 144e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 145e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return EMPTY_LIST; 146e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 147e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 148e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return Collections.unmodifiableList(Arrays.asList(extensions.getExtensionOIDs())); 149e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 150e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 151e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static void addExtension(ExtensionsGenerator extGenerator, ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value) 152e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throws CertIOException 153e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 154e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 155e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 156e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom extGenerator.addExtension(oid, isCritical, value); 157e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 158e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (IOException e) 159e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 160e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new CertIOException("cannot encode extension: " + e.getMessage(), e); 161e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 162e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 163e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 164e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static DERBitString booleanToBitString(boolean[] id) 165e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 166e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom byte[] bytes = new byte[(id.length + 7) / 8]; 167e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 168e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom for (int i = 0; i != id.length; i++) 169e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 170e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom bytes[i / 8] |= (id[i]) ? (1 << ((7 - (i % 8)))) : 0; 171e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 172e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 173e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom int pad = id.length % 8; 174e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 175e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (pad == 0) 176e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 177e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new DERBitString(bytes); 178e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 179e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom else 180e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 181e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return new DERBitString(bytes, 8 - pad); 182e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 183e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 184e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 185e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom static boolean[] bitStringToBoolean(DERBitString bitString) 186e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 187e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom if (bitString != null) 188e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 189e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom byte[] bytes = bitString.getBytes(); 190e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom boolean[] boolId = new boolean[bytes.length * 8 - bitString.getPadBits()]; 191e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 192e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom for (int i = 0; i != boolId.length; i++) 193e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 194e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0; 195e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 196e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 197e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return boolId; 198e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 199e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 200e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return null; 201e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 202e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom 20370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom static Date recoverDate(ASN1GeneralizedTime time) 204e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 205e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom try 206e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 207e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom return time.getDate(); 208e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 209e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom catch (ParseException e) 210e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom { 211e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom throw new IllegalStateException("unable to recover date: " + e.getMessage()); 212e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 213e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom } 21470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 21570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom static boolean isAlgIdEqual(AlgorithmIdentifier id1, AlgorithmIdentifier id2) 21670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 21770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (!id1.getAlgorithm().equals(id2.getAlgorithm())) 21870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 21970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return false; 22070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 22170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 22270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (id1.getParameters() == null) 22370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 22470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (id2.getParameters() != null && !id2.getParameters().equals(DERNull.INSTANCE)) 22570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 22670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return false; 22770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 22870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 22970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return true; 23070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 23170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 23270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (id2.getParameters() == null) 23370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 23470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (id1.getParameters() != null && !id1.getParameters().equals(DERNull.INSTANCE)) 23570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 23670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return false; 23770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 23870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 23970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return true; 24070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 24170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 24270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return id1.getParameters().equals(id2.getParameters()); 24370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 244e6bf3e8dfa2804891a82075cb469b736321b4827Brian Carlstrom} 245