1 package org.bouncycastle.asn1.x509;
3 import org.bouncycastle.asn1.*;
4 import org.bouncycastle.asn1.pkcs.*;
8 * TBSCertificate ::= SEQUENCE {
9 * version [ 0 ] Version DEFAULT v1(0),
10 * serialNumber CertificateSerialNumber,
11 * signature AlgorithmIdentifier,
12 * issuer Name,
13 * validity Validity,
14 * subject Name,
15 * subjectPublicKeyInfo SubjectPublicKeyInfo,
16 * issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
17 * subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
18 * extensions [ 3 ] Extensions OPTIONAL
22 * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
23 * will parse them, but you really shouldn't be creating new ones.
25 public class TBSCertificateStructure
26 implements DEREncodable, X509ObjectIdentifiers, PKCSObjectIdentifiers
// Decoded TBSCertificate components. No access modifier or `final` is visible on
// these declarations, so they are package-visible and can be reassigned after the
// structure has been built. The constructor also assigns `version`, `issuer` and
// `subject`; their declarations fall on lines this listing does not show.
// presumably the sequence handed to the constructor - the assignment is not visible here
28 DERConstructedSequence seq;
// serialNumber element, stored as decoded (no range or sign check in the visible code)
31 DERInteger serialNumber;
// The `signature` AlgorithmIdentifier carried inside the TBSCertificate.
// NOTE(review): RFC 5280 requires this to match the certificate's outer
// signatureAlgorithm; this class only holds the TBS part, so that comparison
// has to be made by the caller.
32 AlgorithmIdentifier signature;
// Validity bounds (notBefore / notAfter). Typed as UTCTime only.
34 DERUTCTime startDate, endDate;
36 SubjectPublicKeyInfo subjectPublicKeyInfo;
// Optional elements: in the visible code these are assigned only when the
// constructor meets the corresponding tagged element, so they are null otherwise.
37 DERBitString issuerUniqueId;
38 DERBitString subjectUniqueId;
39 X509Extensions extensions;
/**
 * Decodes a TBSCertificate from an already-parsed DER sequence, reading the
 * elements by position: version (optional), serialNumber, signature, issuer,
 * validity, subject, subjectPublicKeyInfo, then any trailing tagged elements.
 *
 * Most elements are cast to the expected type without a prior check, so a
 * malformed certificate surfaces as an unchecked ClassCastException rather
 * than a dedicated parse error. Code that feeds untrusted certificates to this
 * constructor should be prepared to catch runtime exceptions.
 *
 * NOTE(review): this listing omits several lines of the body (braces, else
 * branches, the declaration of seqStart, the case labels of the switch), so
 * the comments below describe only the statements that are visible.
 *
 * @param seq the DER sequence holding the TBSCertificate elements
 */
41 public TBSCertificateStructure(
42 DERConstructedSequence seq)
// No element count is checked before the positional reads below; what
// getObjectAt does with an out-of-range index is not visible from here.
49 // some certificates don't include a version number - we assume v1
// Any tagged object in position 0 is accepted as the version: the tag number
// is not inspected, and the wrapped object is cast straight to DERInteger.
51 if (seq.getObjectAt(0) instanceof DERTaggedObject)
53 version = (DERInteger)((DERTaggedObject)seq.getObjectAt(0)).getObject();
// Version absent: shift every later index down by one and default to 0 (v1).
57 seqStart = -1; // field 0 is missing!
58 version = new DERInteger(0);
61 serialNumber = (DERInteger)seq.getObjectAt(seqStart + 1);
// signature, issuer, subject and subjectPublicKeyInfo follow one pattern: use
// the element as-is when it is already the target type, otherwise cast it to
// DERConstructedSequence and wrap it.
63 if (seq.getObjectAt(seqStart + 2) instanceof AlgorithmIdentifier)
65 signature = (AlgorithmIdentifier)seq.getObjectAt(seqStart + 2);
69 signature = new AlgorithmIdentifier((DERConstructedSequence)seq.getObjectAt(seqStart + 2));
72 if (seq.getObjectAt(seqStart + 3) instanceof X509Name)
74 issuer = (X509Name)seq.getObjectAt(seqStart + 3);
78 issuer = new X509Name((DERConstructedSequence)seq.getObjectAt(seqStart + 3));
82 // before and after dates
// Both dates are cast to DERUTCTime, so a validity element of any other time
// type fails the cast. NOTE(review): RFC 5280 requires GeneralizedTime for
// dates in 2050 or later - confirm how such certificates should be handled.
84 DERConstructedSequence dates = (DERConstructedSequence)seq.getObjectAt(seqStart + 4);
85 startDate = (DERUTCTime)dates.getObjectAt(0);
86 endDate = (DERUTCTime)dates.getObjectAt(1);
88 if (seq.getObjectAt(seqStart + 5) instanceof X509Name)
90 subject = (X509Name)seq.getObjectAt(seqStart + 5);
94 subject = new X509Name((DERConstructedSequence)seq.getObjectAt(seqStart + 5));
100 if (seq.getObjectAt(seqStart + 6) instanceof SubjectPublicKeyInfo)
102 subjectPublicKeyInfo = (SubjectPublicKeyInfo)seq.getObjectAt(seqStart + 6);
106 subjectPublicKeyInfo = new SubjectPublicKeyInfo((DERConstructedSequence)seq.getObjectAt(seqStart + 6));
// Trailing optional elements, visited from the last element back towards the
// one just after subjectPublicKeyInfo. Each must be a DERTaggedObject or the
// cast fails. The visible assignments simply overwrite, so if a tag number is
// repeated the occurrence nearest the start of the sequence is the one kept;
// neither duplicates nor the ordering of the tags are rejected here.
109 for (int extras = seq.getSize() - (seqStart + 6) - 1; extras > 0; extras--)
111 DERTaggedObject extra = (DERTaggedObject)seq.getObjectAt(seqStart + 6 + extras);
// The case labels are on lines this listing omits; presumably 1, 2 and 3,
// matching the [ 1 ] / [ 2 ] / [ 3 ] tags in the ASN.1 above - confirm.
113 switch (extra.getTagNo())
116 issuerUniqueId = (DERBitString)extra.getObject();
119 subjectUniqueId = (DERBitString)extra.getObject();
122 extensions = new X509Extensions((DERConstructedSequence)extra.getObject());
/**
 * Returns the certificate version as a 1-based number: the encoded value 0
 * (v1) is reported as 1, and so on.
 *
 * @return the encoded version value plus one
 */
public int getVersion()
{
    // NOTE(review): intValue() narrows whatever getValue() returns; if that is
    // an arbitrary-precision integer, an out-of-range encoded version wraps
    // instead of being rejected. Callers that branch on the version should
    // check it against the values they actually support.
    final int encoded = version.getValue().intValue();

    return encoded + 1;
}
132 public DERInteger getVersionNumber()
137 public DERInteger getSerialNumber()
142 public AlgorithmIdentifier getSignature()
147 public X509Name getIssuer()
152 public DERUTCTime getStartDate()
157 public DERUTCTime getEndDate()
162 public X509Name getSubject()
/**
 * Returns the subjectPublicKeyInfo element decoded by the constructor.
 * The stored reference is handed back directly, not a copy.
 *
 * @return the decoded SubjectPublicKeyInfo
 */
public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
{
    return this.subjectPublicKeyInfo;
}
/**
 * Returns the optional issuerUniqueID bit string.
 *
 * @return the decoded value, or null when the constructor did not assign one -
 *         callers must null-check before use
 */
public DERBitString getIssuerUniqueId()
{
    return this.issuerUniqueId;
}
/**
 * Returns the optional subjectUniqueID bit string.
 *
 * @return the decoded value, or null when the constructor did not assign one -
 *         callers must null-check before use
 */
public DERBitString getSubjectUniqueId()
{
    return this.subjectUniqueId;
}
182 public X509Extensions getExtensions()
187 public DERObject getDERObject()