1b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallampackage org.bouncycastle.jce.provider; 2b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 3b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.io.ByteArrayOutputStream; 4b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.io.IOException; 5b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.math.BigInteger; 670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport java.net.InetAddress; 770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport java.net.UnknownHostException; 8b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.InvalidKeyException; 9b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.NoSuchAlgorithmException; 10b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.NoSuchProviderException; 11b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.Principal; 12b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.Provider; 13b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.PublicKey; 14b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.Security; 15b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.Signature; 16b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.SignatureException; 17b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.cert.Certificate; 18b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.cert.CertificateEncodingException; 19b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.cert.CertificateException; 20b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.cert.CertificateExpiredException; 21b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.cert.CertificateNotYetValidException; 22b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.cert.CertificateParsingException; 23b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.security.cert.X509Certificate; 24b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.util.ArrayList; 2544021512997b337e6079e46fd4230ce979c20b6fKenny Rootimport java.util.Collection; 26b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.util.Collections; 27b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.util.Date; 28b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.util.Enumeration; 29b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.util.HashSet; 30b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.util.List; 31b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallamimport java.util.Set; 32b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 336e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport javax.security.auth.x500.X500Principal; 346e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 356e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.ASN1Encodable; 364c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.ASN1Encoding; 376e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.ASN1InputStream; 384c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.ASN1ObjectIdentifier; 396e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.ASN1OutputStream; 404c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.ASN1Primitive; 416e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.ASN1Sequence; 4270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.ASN1String; 436e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.DERBitString; 446e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.DERIA5String; 456e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.DERNull; 4670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.DEROctetString; 476e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.misc.MiscObjectIdentifiers; 486e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.misc.NetscapeCertType; 496e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.misc.NetscapeRevocationURL; 506e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.misc.VerisignCzagExtension; 516e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.util.ASN1Dump; 524c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.asn1.x500.X500Name; 5370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.x500.style.RFC4519Style; 546e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.x509.AlgorithmIdentifier; 556e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.x509.BasicConstraints; 5670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.x509.Extension; 5770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.x509.Extensions; 5870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.x509.GeneralName; 596e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.asn1.x509.KeyUsage; 6070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom// BEGIN android-added 6170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.asn1.x509.X509Name; 6270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom// END android-added 634c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstromimport org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; 646e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.jce.X509Principal; 656e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; 666e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.util.Arrays; 6770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstromimport org.bouncycastle.util.Integers; 686e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstromimport org.bouncycastle.util.encoders.Hex; 696e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 70b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallampublic class X509CertificateObject 71b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam extends X509Certificate 72b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam implements PKCS12BagAttributeCarrier 73b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam{ 7470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom private org.bouncycastle.asn1.x509.Certificate c; 75c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom private BasicConstraints basicConstraints; 76c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom private boolean[] keyUsage; 77c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom private boolean hashValueSet; 78c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom private int hashValue; 79c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 80c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom private PKCS12BagAttributeCarrier attrCarrier = new PKCS12BagAttributeCarrierImpl(); 81b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 82b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public X509CertificateObject( 8370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom org.bouncycastle.asn1.x509.Certificate c) 84c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom throws CertificateParsingException 85b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 86b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam this.c = c; 87c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 88c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom try 89c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 90c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom byte[] bytes = this.getExtensionBytes("2.5.29.19"); 91c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 92c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (bytes != null) 93c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 944c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom basicConstraints = BasicConstraints.getInstance(ASN1Primitive.fromByteArray(bytes)); 95c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 96c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 97c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom catch (Exception e) 98c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 99c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom throw new CertificateParsingException("cannot construct BasicConstraints: " + e); 100c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 101c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 102c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom try 103c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 104c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom byte[] bytes = this.getExtensionBytes("2.5.29.15"); 105c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (bytes != null) 106c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 1074c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom DERBitString bits = DERBitString.getInstance(ASN1Primitive.fromByteArray(bytes)); 108c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 109c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom bytes = bits.getBytes(); 110c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom int length = (bytes.length * 8) - bits.getPadBits(); 111c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 112c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom keyUsage = new boolean[(length < 9) ? 9 : length]; 113c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 114c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom for (int i = 0; i != length; i++) 115c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 116c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom keyUsage[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0; 117c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 118c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 119c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom else 120c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 121c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom keyUsage = null; 122c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 123c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 124c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom catch (Exception e) 125c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 126c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom throw new CertificateParsingException("cannot construct KeyUsage: " + e); 127c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 128b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 129b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 130b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public void checkValidity() 131b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateExpiredException, CertificateNotYetValidException 132b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 133b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam this.checkValidity(new Date()); 134b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 135b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 136b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public void checkValidity( 137b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Date date) 138b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateExpiredException, CertificateNotYetValidException 139b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 140c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (date.getTime() > this.getNotAfter().getTime()) // for other VM compatibility 141b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 142b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new CertificateExpiredException("certificate expired on " + c.getEndDate().getTime()); 143b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 144b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 145c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (date.getTime() < this.getNotBefore().getTime()) 146b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 147b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new CertificateNotYetValidException("certificate not valid till " + c.getStartDate().getTime()); 148b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 149b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 150b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 151b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public int getVersion() 152b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 15370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return c.getVersionNumber(); 154b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 155b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 156b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public BigInteger getSerialNumber() 157b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 158b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return c.getSerialNumber().getValue(); 159b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 160b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 161b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public Principal getIssuerDN() 162b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 1634c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom try 1644c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom { 1654c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return new X509Principal(X500Name.getInstance(c.getIssuer().getEncoded())); 1664c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom } 1674c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom catch (IOException e) 1684c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom { 1694c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return null; 1704c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom } 171b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 172b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 173b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public X500Principal getIssuerX500Principal() 174b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 175b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 176b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 177b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 178b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam ASN1OutputStream aOut = new ASN1OutputStream(bOut); 179b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 180b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam aOut.writeObject(c.getIssuer()); 181b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 182b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return new X500Principal(bOut.toByteArray()); 183b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 184b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (IOException e) 185b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 186b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new IllegalStateException("can't encode issuer DN"); 187b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 188b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 189b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 190b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public Principal getSubjectDN() 191b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 1924c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return new X509Principal(X500Name.getInstance(c.getSubject().toASN1Primitive())); 193b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 194b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 195b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public X500Principal getSubjectX500Principal() 196b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 197b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 198b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 199b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam ByteArrayOutputStream bOut = new ByteArrayOutputStream(); 200b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam ASN1OutputStream aOut = new ASN1OutputStream(bOut); 201b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 202b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam aOut.writeObject(c.getSubject()); 203b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 204b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return new X500Principal(bOut.toByteArray()); 205b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 206b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (IOException e) 207b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 208b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new IllegalStateException("can't encode issuer DN"); 209b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 210b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 211b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 212b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public Date getNotBefore() 213b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 214b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return c.getStartDate().getDate(); 215b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 216b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 217b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public Date getNotAfter() 218b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 219b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return c.getEndDate().getDate(); 220b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 221b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 222b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public byte[] getTBSCertificate() 223b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateEncodingException 224b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 225b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 226b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 2274c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return c.getTBSCertificate().getEncoded(ASN1Encoding.DER); 228b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 229b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (IOException e) 230b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 231b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new CertificateEncodingException(e.toString()); 232b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 233b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 234b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 235b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public byte[] getSignature() 236b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 237b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return c.getSignature().getBytes(); 238b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 239b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 240b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam /** 241b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * return a more "meaningful" representation for the signature algorithm used in 242b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * the certficate. 243b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */ 244b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public String getSigAlgName() 245b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 2466e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom Provider prov = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME); 247b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 248c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (prov != null) 249b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 250c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom String algName = prov.getProperty("Alg.Alias.Signature." + this.getSigAlgOID()); 251c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 252c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (algName != null) 253c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 254c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return algName; 255c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 256b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 257b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 258b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Provider[] provs = Security.getProviders(); 259b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 260b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam // 261b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam // search every provider looking for a real algorithm 262b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam // 263b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam for (int i = 0; i != provs.length; i++) 264b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 265c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom String algName = provs[i].getProperty("Alg.Alias.Signature." + this.getSigAlgOID()); 266b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (algName != null) 267b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 268b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return algName; 269b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 270b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 271b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 272b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return this.getSigAlgOID(); 273b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 274b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 275b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam /** 276b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * return the object identifier for the signature. 277b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */ 278b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public String getSigAlgOID() 279b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 28070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return c.getSignatureAlgorithm().getAlgorithm().getId(); 281b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 282b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 283b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam /** 284b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam * return the signature parameters, or null if there aren't any. 285b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam */ 286b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public byte[] getSigAlgParams() 287b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 288b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (c.getSignatureAlgorithm().getParameters() != null) 289b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 2904c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom try 2914c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom { 2924c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return c.getSignatureAlgorithm().getParameters().toASN1Primitive().getEncoded(ASN1Encoding.DER); 2934c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom } 2944c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom catch (IOException e) 2954c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom { 2964c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return null; 2974c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom } 298b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 299b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam else 300b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 301b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return null; 302b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 303b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 304b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 305b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public boolean[] getIssuerUniqueID() 306b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 307b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam DERBitString id = c.getTBSCertificate().getIssuerUniqueId(); 308b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 309b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (id != null) 310b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 311b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam byte[] bytes = id.getBytes(); 312b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam boolean[] boolId = new boolean[bytes.length * 8 - id.getPadBits()]; 313b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 314b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam for (int i = 0; i != boolId.length; i++) 315b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 316b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0; 317b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 318b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 319b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return boolId; 320b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 321b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 322b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return null; 323b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 324b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 325b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public boolean[] getSubjectUniqueID() 326b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 327b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam DERBitString id = c.getTBSCertificate().getSubjectUniqueId(); 328b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 329b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (id != null) 330b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 331b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam byte[] bytes = id.getBytes(); 332b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam boolean[] boolId = new boolean[bytes.length * 8 - id.getPadBits()]; 333b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 334b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam for (int i = 0; i != boolId.length; i++) 335b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 336b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0; 337b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 338b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 339b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return boolId; 340b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 341b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 342b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return null; 343b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 344b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 345b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public boolean[] getKeyUsage() 346b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 347c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return keyUsage; 348b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 349b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 350b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public List getExtendedKeyUsage() 351b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateParsingException 352b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 353b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam byte[] bytes = this.getExtensionBytes("2.5.29.37"); 354b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 355b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (bytes != null) 356b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 357b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 358b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 359b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam ASN1InputStream dIn = new ASN1InputStream(bytes); 360b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam ASN1Sequence seq = (ASN1Sequence)dIn.readObject(); 361b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam List list = new ArrayList(); 362b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 363b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam for (int i = 0; i != seq.size(); i++) 364b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 36570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom list.add(((ASN1ObjectIdentifier)seq.getObjectAt(i)).getId()); 366b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 367b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 368b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return Collections.unmodifiableList(list); 369b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 370b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (Exception e) 371b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 372b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new CertificateParsingException("error processing extended key usage extension"); 373b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 374b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 375b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 376b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return null; 377b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 378b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 379b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public int getBasicConstraints() 380b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 381c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (basicConstraints != null) 382b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 383c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (basicConstraints.isCA()) 384b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 385c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (basicConstraints.getPathLenConstraint() == null) 386b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 387c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return Integer.MAX_VALUE; 388b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 389c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom else 390b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 391c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return basicConstraints.getPathLenConstraint().intValue(); 392b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 393b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 394c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom else 395b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 396c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return -1; 397b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 398b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 399b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 400b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return -1; 401b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 402b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 40370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom public Collection getSubjectAlternativeNames() 40470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom throws CertificateParsingException 40570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 40670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return getAlternativeNames(getExtensionBytes(Extension.subjectAlternativeName.getId())); 40770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 40870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 40970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom public Collection getIssuerAlternativeNames() 41070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom throws CertificateParsingException 41170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 41270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return getAlternativeNames(getExtensionBytes(Extension.issuerAlternativeName.getId())); 41370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 41470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 415b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public Set getCriticalExtensionOIDs() 416b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 417b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (this.getVersion() == 3) 418b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 419b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Set set = new HashSet(); 42070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extensions extensions = c.getTBSCertificate().getExtensions(); 421b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 422b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (extensions != null) 423b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 424b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Enumeration e = extensions.oids(); 425b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 426b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam while (e.hasMoreElements()) 427b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 42870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); 42970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extension ext = extensions.getExtension(oid); 430b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 431b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (ext.isCritical()) 432b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 433b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam set.add(oid.getId()); 434b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 435b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 436b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 437b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return set; 438b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 439b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 440b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 441b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return null; 442b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 443b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 444b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam private byte[] getExtensionBytes(String oid) 445b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 44670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extensions exts = c.getTBSCertificate().getExtensions(); 447b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 448b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (exts != null) 449b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 45070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid)); 451b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (ext != null) 452b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 45370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return ext.getExtnValue().getOctets(); 454b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 455b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 456b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 457b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return null; 458b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 459b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 460b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public byte[] getExtensionValue(String oid) 461b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 46270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extensions exts = c.getTBSCertificate().getExtensions(); 463b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 464b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (exts != null) 465b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 46670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid)); 467b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 468b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (ext != null) 469b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 470b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 471b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 47270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return ext.getExtnValue().getEncoded(); 473b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 474b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (Exception e) 475b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 476c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom throw new IllegalStateException("error parsing " + e.toString()); 477b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 478b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 479b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 480b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 481b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return null; 482b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 483b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 484b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public Set getNonCriticalExtensionOIDs() 485b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 486b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (this.getVersion() == 3) 487b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 488b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Set set = new HashSet(); 48970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extensions extensions = c.getTBSCertificate().getExtensions(); 490b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 491b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (extensions != null) 492b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 493b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Enumeration e = extensions.oids(); 494b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 495b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam while (e.hasMoreElements()) 496b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 49770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); 49870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extension ext = extensions.getExtension(oid); 499b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 500b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (!ext.isCritical()) 501b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 502b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam set.add(oid.getId()); 503b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 504b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 505b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 506b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return set; 507b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 508b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 509b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 510b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return null; 511b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 512b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 513b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public boolean hasUnsupportedCriticalExtension() 514b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 515b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (this.getVersion() == 3) 516b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 51770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extensions extensions = c.getTBSCertificate().getExtensions(); 518b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 519b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (extensions != null) 520b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 521b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Enumeration e = extensions.oids(); 522b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 523b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam while (e.hasMoreElements()) 524b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 52570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); 526c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom String oidId = oid.getId(); 527c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 528c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (oidId.equals(RFC3280CertPathUtilities.KEY_USAGE) 529c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.CERTIFICATE_POLICIES) 530c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.POLICY_MAPPINGS) 531c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY) 532c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS) 533c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT) 534c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR) 535c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.POLICY_CONSTRAINTS) 536c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.BASIC_CONSTRAINTS) 537c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME) 538c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom || oidId.equals(RFC3280CertPathUtilities.NAME_CONSTRAINTS)) 539b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 540b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam continue; 541b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 542b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 54370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extension ext = extensions.getExtension(oid); 544b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 545b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (ext.isCritical()) 546b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 547b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return true; 548b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 549b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 550b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 551b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 552b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 553b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return false; 554b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 555b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 556b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public PublicKey getPublicKey() 557b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 5584c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom try 5594c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom { 5604c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return BouncyCastleProvider.getPublicKey(c.getSubjectPublicKeyInfo()); 5614c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom } 5624c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom catch (IOException e) 5634c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom { 5644c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom return null; // should never happen... 5654c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom } 566b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 567b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 568c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom // BEGIN android-changed 569c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom private byte[] encoded; 570c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom // END android-changed 571b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public byte[] getEncoded() 572c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom throws CertificateEncodingException 573c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 574c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom try 575c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 576c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom // BEGIN android-changed 577c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (encoded == null) { 5784c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom encoded = c.getEncoded(ASN1Encoding.DER); 579b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 580c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return encoded; 581c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom // END android-changed 582c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 583c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom catch (IOException e) 584c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 585c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom throw new CertificateEncodingException(e.toString()); 586b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 587b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 588b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 589b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public boolean equals( 590b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Object o) 591b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 592b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (o == this) 593b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 594b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return true; 595b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 5966e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 597b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (!(o instanceof Certificate)) 598b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 599b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return false; 600b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 601b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 602b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Certificate other = (Certificate)o; 6036e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 604b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 605b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 606b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam byte[] b1 = this.getEncoded(); 607b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam byte[] b2 = other.getEncoded(); 6086e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 609b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return Arrays.areEqual(b1, b2); 610b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 611b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (CertificateEncodingException e) 612b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 613b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return false; 614b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 615b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 616b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 617c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom public synchronized int hashCode() 618b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 619c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom if (!hashValueSet) 620c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 621c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom hashValue = calculateHashCode(); 622c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom hashValueSet = true; 623c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 624c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 625c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return hashValue; 626b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 627b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 628c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom private int calculateHashCode() 629c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 630c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom try 631c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 6326e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom int hashCode = 0; 6336e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom byte[] certData = this.getEncoded(); 6346e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom for (int i = 1; i < certData.length; i++) 6356e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom { 6366e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom hashCode += certData[i] * i; 6376e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom } 6386e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom return hashCode; 639c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 640c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom catch (CertificateEncodingException e) 641c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom { 642c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return 0; 643c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 644c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom } 645c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 646b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public void setBagAttribute( 6474c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom ASN1ObjectIdentifier oid, 6484c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom ASN1Encodable attribute) 649b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 650c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom attrCarrier.setBagAttribute(oid, attribute); 651b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 652b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 6534c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom public ASN1Encodable getBagAttribute( 65470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom ASN1ObjectIdentifier oid) 655b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 656c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return attrCarrier.getBagAttribute(oid); 657b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 658b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 659b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public Enumeration getBagAttributeKeys() 660b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 661c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom return attrCarrier.getBagAttributeKeys(); 662b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 663b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 664b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public String toString() 665b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 666b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam StringBuffer buf = new StringBuffer(); 667b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam String nl = System.getProperty("line.separator"); 668b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 669b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" [0] Version: ").append(this.getVersion()).append(nl); 670b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" SerialNumber: ").append(this.getSerialNumber()).append(nl); 671b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" IssuerDN: ").append(this.getIssuerDN()).append(nl); 672b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" Start Date: ").append(this.getNotBefore()).append(nl); 673b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" Final Date: ").append(this.getNotAfter()).append(nl); 674b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" SubjectDN: ").append(this.getSubjectDN()).append(nl); 675b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" Public Key: ").append(this.getPublicKey()).append(nl); 676b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" Signature Algorithm: ").append(this.getSigAlgName()).append(nl); 677b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 678b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam byte[] sig = this.getSignature(); 679b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 680b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl); 681b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam for (int i = 20; i < sig.length; i += 20) 682b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 683b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (i < sig.length - 20) 684b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 685b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" ").append(new String(Hex.encode(sig, i, 20))).append(nl); 686b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 687b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam else 688b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 689b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl); 690b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 691b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 692b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 69370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extensions extensions = c.getTBSCertificate().getExtensions(); 694b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 695b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (extensions != null) 696b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 697b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Enumeration e = extensions.oids(); 698b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 699b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (e.hasMoreElements()) 700b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 701b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" Extensions: \n"); 702b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 703b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 704b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam while (e.hasMoreElements()) 705b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 70670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); 70770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Extension ext = extensions.getExtension(oid); 708b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 70970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (ext.getExtnValue() != null) 710b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 71170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom byte[] octs = ext.getExtnValue().getOctets(); 712b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam ASN1InputStream dIn = new ASN1InputStream(octs); 713b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" critical(").append(ext.isCritical()).append(") "); 714b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 715b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 71670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (oid.equals(Extension.basicConstraints)) 717b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 7184c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom buf.append(BasicConstraints.getInstance(dIn.readObject())).append(nl); 719b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 72070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom else if (oid.equals(Extension.keyUsage)) 721b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 72270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl); 723b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 724b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam else if (oid.equals(MiscObjectIdentifiers.netscapeCertType)) 725b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 726b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(new NetscapeCertType((DERBitString)dIn.readObject())).append(nl); 727b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 728b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL)) 729b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 730b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(new NetscapeRevocationURL((DERIA5String)dIn.readObject())).append(nl); 731b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 732b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension)) 733b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 734b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(new VerisignCzagExtension((DERIA5String)dIn.readObject())).append(nl); 735b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 736b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam else 737b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 738b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(oid.getId()); 739b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl); 740b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam //buf.append(" value = ").append("*****").append(nl); 741b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 742b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 743b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (Exception ex) 744b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 745b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(oid.getId()); 74670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom // buf.append(" value = ").append(new String(Hex.encode(ext.getExtnValue().getOctets()))).append(nl); 747b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(" value = ").append("*****").append(nl); 748b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 749b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 750b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam else 751b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 752b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam buf.append(nl); 753b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 754b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 755b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 756b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 757b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam return buf.toString(); 758b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 759b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 760b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public final void verify( 761b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam PublicKey key) 762b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateException, NoSuchAlgorithmException, 763b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam InvalidKeyException, NoSuchProviderException, SignatureException 764b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 765c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom Signature signature; 766b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); 7674c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom 768b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam try 769b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 7706e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom signature = Signature.getInstance(sigName, BouncyCastleProvider.PROVIDER_NAME); 771b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 772b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam catch (Exception e) 773b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 774b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam signature = Signature.getInstance(sigName); 775b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 776b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 777b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam checkSignature(key, signature); 778b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 779b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 780b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam public final void verify( 781b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam PublicKey key, 782b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam String sigProvider) 783b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateException, NoSuchAlgorithmException, 784b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam InvalidKeyException, NoSuchProviderException, SignatureException 785b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 786b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); 787b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Signature signature = Signature.getInstance(sigName, sigProvider); 788b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 789b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam checkSignature(key, signature); 790b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 791b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 792b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam private void checkSignature( 793b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam PublicKey key, 794b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam Signature signature) 795b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throws CertificateException, NoSuchAlgorithmException, 796c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom SignatureException, InvalidKeyException 797b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 7986e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom if (!isAlgIdEqual(c.getSignatureAlgorithm(), c.getTBSCertificate().getSignature())) 799b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 800b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam throw new CertificateException("signature algorithm in TBS cert not same as outer cert"); 801b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 802b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 8034c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom ASN1Encodable params = c.getSignatureAlgorithm().getParameters(); 804c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom 805c37f4a04ef89e73a39a59f3c5a179af8c8ab5974Brian Carlstrom // TODO This should go after the initVerify? 806b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam X509SignatureUtil.setSignatureParameters(signature, params); 807b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 808b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam signature.initVerify(key); 809b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 810b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam signature.update(this.getTBSCertificate()); 811b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam 812b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam if (!signature.verify(this.getSignature())) 813b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam { 8144c111300c39cb2e27f07fc2ae3b00e23ed4443b2Brian Carlstrom throw new SignatureException("certificate does not verify with supplied key"); 815b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 816b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam } 8176e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 8186e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom private boolean isAlgIdEqual(AlgorithmIdentifier id1, AlgorithmIdentifier id2) 8196e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom { 82070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (!id1.getAlgorithm().equals(id2.getAlgorithm())) 8216e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom { 8226e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom return false; 8236e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom } 8246e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 8256e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom if (id1.getParameters() == null) 8266e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom { 8276e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom if (id2.getParameters() != null && !id2.getParameters().equals(DERNull.INSTANCE)) 8286e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom { 8296e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom return false; 8306e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom } 8316e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 8326e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom return true; 8336e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom } 8346e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 8356e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom if (id2.getParameters() == null) 8366e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom { 8376e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom if (id1.getParameters() != null && !id1.getParameters().equals(DERNull.INSTANCE)) 8386e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom { 8396e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom return false; 8406e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom } 8416e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 8426e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom return true; 8436e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom } 8446e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom 8456e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom return id1.getParameters().equals(id2.getParameters()); 8466e736056d64d0e33b26cf9f7c4e351b496241fdeBrian Carlstrom } 84770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 84870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom private static Collection getAlternativeNames(byte[] extVal) 84970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom throws CertificateParsingException 850ff0245ce2d444ef9929617dd87930e96fd1b8eb0Kenny Root { 85170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (extVal == null) 85270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 85370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return null; 85470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 85570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom try 85670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 85770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Collection temp = new ArrayList(); 85870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom Enumeration it = ASN1Sequence.getInstance(extVal).getObjects(); 85970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom while (it.hasMoreElements()) 86070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 86170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom GeneralName genName = GeneralName.getInstance(it.nextElement()); 86270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom List list = new ArrayList(); 86370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom list.add(Integers.valueOf(genName.getTagNo())); 86470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom switch (genName.getTagNo()) 86570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 86670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.ediPartyName: 86770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.x400Address: 86870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.otherName: 86970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom list.add(genName.getEncoded()); 87070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom break; 87170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.directoryName: 87270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom // BEGIN android-changed 87370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); 87470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom // END android-changed 87570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom break; 87670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.dNSName: 87770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.rfc822Name: 87870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.uniformResourceIdentifier: 87970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom list.add(((ASN1String)genName.getName()).getString()); 88070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom break; 88170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.registeredID: 88270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom list.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId()); 88370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom break; 88470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom case GeneralName.iPAddress: 88570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom byte[] addrBytes = DEROctetString.getInstance(genName.getName()).getOctets(); 88670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom final String addr; 88770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom try 88870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 88970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom addr = InetAddress.getByAddress(addrBytes).getHostAddress(); 89070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 89170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom catch (UnknownHostException e) 89270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 89370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom continue; 89470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 89570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom list.add(addr); 89670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom break; 89770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom default: 89870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom throw new IOException("Bad tag number: " + genName.getTagNo()); 89970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 90070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom 90170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom temp.add(Collections.unmodifiableList(list)); 90270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 90370c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom if (temp.size() == 0) 90470c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 90570c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return null; 90670c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 90770c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom return Collections.unmodifiableCollection(temp); 90870c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 90970c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom catch (Exception e) 91070c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom { 91170c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom throw new CertificateParsingException(e.getMessage()); 91270c8287138e69a98c2f950036f9f703ee37228c8Brian Carlstrom } 913ff0245ce2d444ef9929617dd87930e96fd1b8eb0Kenny Root } 914b61a96e7ef1a78acf013bbf08fe537e5b5f129caPeter Hallam} 915