package org.openpermis.cert; |
12 | |
|
13 | |
import java.io.ByteArrayInputStream; |
14 | |
import java.io.ByteArrayOutputStream; |
15 | |
import java.io.IOException; |
16 | |
import java.io.InputStream; |
17 | |
import java.security.InvalidKeyException; |
18 | |
import java.security.NoSuchAlgorithmException; |
19 | |
import java.security.NoSuchProviderException; |
20 | |
import java.security.PublicKey; |
21 | |
import java.security.Signature; |
22 | |
import java.security.SignatureException; |
23 | |
import java.security.cert.Certificate; |
24 | |
import java.security.cert.CertificateEncodingException; |
25 | |
import java.security.cert.CertificateException; |
26 | |
import java.security.cert.X509Extension; |
27 | |
import java.util.Date; |
28 | |
import java.util.Set; |
29 | |
|
30 | |
import org.bouncycastle.asn1.ASN1InputStream; |
31 | |
import org.bouncycastle.x509.AttributeCertificateHolder; |
32 | |
import org.bouncycastle.x509.AttributeCertificateIssuer; |
33 | |
import org.bouncycastle.x509.X509Attribute; |
34 | |
import org.bouncycastle.x509.X509AttributeCertificate; |
35 | |
import org.bouncycastle.x509.X509V2AttributeCertificate; |
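/**
 * X.509 attribute certificate exposed through the JCA {@link Certificate} API.
 *
 * <p>The DER encoding is parsed twice with BouncyCastle: once into the low-level ASN.1
 * structure (used to look up the signature algorithm) and once into an
 * {@link X509AttributeCertificate}, to which all accessors delegate.
 *
 * <p>Constructing an instance only parses the encoding. Nothing is trusted until
 * {@link #verify(PublicKey)} has succeeded, and that call checks the signature only: the
 * validity period, revocation status, holder/issuer binding and critical extensions remain
 * the caller's responsibility.
 *
 * <p>NOTE(review): {@link Certificate} serializes through its type and encoded form; confirm
 * that round-tripping an attribute certificate registered as type "X.509" is supported
 * before relying on Java serialization of this class.
 */
public class AttributeCertificate extends Certificate implements X509Extension {

    private static final long serialVersionUID = 1L;

    /** Chunk size used when draining the input stream. */
    private static final int INTERNAL_BUFFER_SIZE = 1024;

    /** Private copy of the DER encoding; never handed out without cloning. */
    private byte[] encoded;

    /** Low-level ASN.1 view, used to read the signature algorithm identifier. */
    private org.bouncycastle.asn1.x509.AttributeCertificate asnDecoded;

    /** High-level BouncyCastle view that backs all accessors and verification. */
    private X509AttributeCertificate ac;

    /**
     * Creates an attribute certificate from a DER encoded stream.
     *
     * <p>The stream is read until end-of-stream and is not closed. The whole content is
     * buffered in memory with no size limit, so a stream from an untrusted source should be
     * bounded by the caller before it is passed in.
     *
     * @param derStream the DER encoded attribute certificate, must not be {@code null}.
     * @throws IOException if reading or decoding fails.
     * @throws IllegalArgumentException if {@code derStream} is {@code null}. Malformed input
     *         may also surface as an unchecked exception from the ASN.1 layer
     *         (NOTE(review): confirm against the BouncyCastle version in use).
     */
    public AttributeCertificate (InputStream derStream) throws IOException {
        super("X.509");
        if (derStream == null) {
            throw new IllegalArgumentException("derStream is null");
        }

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        byte[] buffer = new byte[INTERNAL_BUFFER_SIZE];
        int readBytes = 0;
        while ((readBytes = derStream.read(buffer)) > -1) {
            baos.write(buffer, 0, readBytes);
        }
        // toByteArray() already returns a fresh array, no extra copy needed.
        decode(baos.toByteArray());
    }

    /**
     * Creates an attribute certificate from its DER encoding.
     *
     * <p>The array is copied, so later modifications by the caller cannot change the bytes
     * reported by {@link #getEncoded()} after the certificate has been parsed or verified.
     *
     * @param derEncoded the DER encoded attribute certificate, must not be {@code null}.
     * @throws IOException if decoding fails.
     * @throws IllegalArgumentException if {@code derEncoded} is {@code null}. Malformed input
     *         may also surface as an unchecked exception from the ASN.1 layer
     *         (NOTE(review): confirm against the BouncyCastle version in use).
     */
    public AttributeCertificate (byte[] derEncoded) throws IOException {
        super("X.509");
        if (derEncoded == null) {
            throw new IllegalArgumentException("derEncoded is null");
        }
        decode(derEncoded.clone());
    }

    /** Stores the privately owned encoding and builds both parsed views from it. */
    private void decode (byte[] der) throws IOException {
        this.encoded = der;
        ASN1InputStream asnStream = new ASN1InputStream(new ByteArrayInputStream(der));
        try {
            this.asnDecoded =
                org.bouncycastle.asn1.x509.AttributeCertificate.getInstance(asnStream.readObject());
        } finally {
            asnStream.close();
        }
        this.ac = new X509V2AttributeCertificate(der);
    }

    /**
     * Returns the start of the validity period. The period is not enforced by this class.
     *
     * @return the not-before date.
     */
    public Date getNotBefore () {
        return this.ac.getNotBefore();
    }

    /**
     * Returns the end of the validity period. The period is not enforced by this class.
     *
     * @return the not-after date.
     */
    public Date getNotAfter () {
        return this.ac.getNotAfter();
    }

    /**
     * Returns all attributes of this certificate.
     *
     * @return the attributes as reported by the underlying BouncyCastle certificate.
     */
    public X509Attribute[] getAttributes () {
        return this.ac.getAttributes();
    }

    /**
     * Returns the attributes with the given object identifier.
     *
     * @param oid the attribute type OID in dotted notation.
     * @return the matching attributes as reported by the underlying BouncyCastle certificate.
     */
    public X509Attribute[] getAttributes (String oid) {
        return this.ac.getAttributes(oid);
    }

    /**
     * Returns the issuer of this certificate.
     *
     * @return the issuer.
     */
    public AttributeCertificateIssuer getIssuer () {
        return this.ac.getIssuer();
    }

    /**
     * Returns the holder of this certificate.
     *
     * @return the holder.
     */
    public AttributeCertificateHolder getHolder () {
        return this.ac.getHolder();
    }

    /**
     * Returns the DER encoding this certificate was created from.
     *
     * @return a copy of the encoding; modifying it does not affect this certificate.
     */
    @Override
    public byte[] getEncoded () throws CertificateEncodingException {
        // Defensive copy: handing out the internal array would let any caller alter the
        // bytes that other code later treats as the verified encoding.
        return this.encoded.clone();
    }

    /**
     * Always returns {@code null}; this implementation exposes no public key for an
     * attribute certificate. Callers written against {@link Certificate} must handle
     * {@code null}.
     *
     * @return {@code null}.
     */
    @Override
    public PublicKey getPublicKey () {
        return null;
    }

    /**
     * Returns the string representation of the underlying BouncyCastle certificate.
     */
    @Override
    public String toString () {
        return this.ac.toString();
    }

    /**
     * Verifies the signature of this certificate with the given public key.
     *
     * <p>Only the signature is checked. Callers still have to check the validity period,
     * revocation, the holder/issuer binding and
     * {@link #hasUnsupportedCriticalExtension()} before acting on the attributes.
     *
     * @param publicKey the issuer's public key.
     */
    @Override
    public void verify (PublicKey publicKey)
        throws
            CertificateException,
            NoSuchAlgorithmException,
            InvalidKeyException,
            NoSuchProviderException,
            SignatureException
    {
        // Look up the signature algorithm by OID only to learn which installed provider
        // supports it; the actual check is done by the BouncyCastle certificate.
        String algorithmOid = this.asnDecoded.getSignatureAlgorithm().getObjectId().getId();
        Signature signature = Signature.getInstance(algorithmOid);
        this.ac.verify(publicKey, signature.getProvider().getName());
    }

    /**
     * Verifies the signature of this certificate with the given public key, using the named
     * provider. Only the signature is checked, see {@link #verify(PublicKey)}.
     *
     * @param publicKey the issuer's public key.
     * @param provider the name of the signature provider.
     */
    @Override
    public void verify (PublicKey publicKey, String provider)
        throws
            CertificateException,
            NoSuchAlgorithmException,
            InvalidKeyException,
            NoSuchProviderException,
            SignatureException
    {
        this.ac.verify(publicKey, provider);
    }

    /** Delegates to the underlying BouncyCastle certificate. */
    public Set<String> getCriticalExtensionOIDs () {
        return this.ac.getCriticalExtensionOIDs();
    }

    /** Delegates to the underlying BouncyCastle certificate. */
    public byte[] getExtensionValue (String arg0) {
        return this.ac.getExtensionValue(arg0);
    }

    /** Delegates to the underlying BouncyCastle certificate. */
    public Set<String> getNonCriticalExtensionOIDs () {
        return this.ac.getNonCriticalExtensionOIDs();
    }

    /**
     * Delegates to the underlying BouncyCastle certificate. The result is not consulted by
     * {@link #verify(PublicKey)}; callers must check it themselves.
     */
    public boolean hasUnsupportedCriticalExtension () {
        return this.ac.hasUnsupportedCriticalExtension();
    }

}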