src/org/bouncycastle/asn1/x509/TBSCertList.java

   1
   2 package org.bouncycastle.asn1.x509;
   3
   4 import org.bouncycastle.asn1.*;
   5
   6 /**
   7  * PKIX RFC-2459
   8  *
   9  * <pre>
  10  * TBSCertList  ::=  SEQUENCE  {
  11  *      version                 Version OPTIONAL,
  12  *                                   -- if present, shall be v2
  13  *      signature               AlgorithmIdentifier,
  14  *      issuer                  Name,
  15  *      thisUpdate              Time,
  16  *      nextUpdate              Time OPTIONAL,
  17  *      revokedCertificates     SEQUENCE OF SEQUENCE  {
  18  *           userCertificate         CertificateSerialNumber,
  19  *           revocationDate          Time,
  20  *           crlEntryExtensions      Extensions OPTIONAL
  21  *                                         -- if present, shall be v2
  22  *                                }  OPTIONAL,
  23  *      crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
  24  *                                         -- if present, shall be v2
  25  *                                }
  26  * </pre>
  27  */
  28
  29 public class TBSCertList
  30     implements DEREncodable
  31 {
  32     public class CRLEntry
  33         implements DEREncodable
  34     {
  35         DERConstructedSequence  seq;
  36
  37         DERInteger          userCertificate;
  38         Time                revocationDate;
  39         X509Extensions      crlEntryExtensions;
  40
  41         public CRLEntry(
  42             DERConstructedSequence  seq)
  43         {
  44             this.seq = seq;
  45
  46             userCertificate = (DERInteger)seq.getObjectAt(0);
  47             revocationDate = Time.getInstance(seq.getObjectAt(1));
  48             if (seq.getSize() == 3)
  49             {
  50                 crlEntryExtensions = X509Extensions.getInstance(seq.getObjectAt(2));
  51             }
  52         }
  53
  54         public DERInteger getUserCertificate()
  55         {
  56             return userCertificate;
  57         }
  58
  59         public Time getRevocationDate()
  60         {
  61             return revocationDate;
  62         }
  63
  64         public X509Extensions getExtensions()
  65         {
  66             return crlEntryExtensions;
  67         }
  68
  69         public DERObject getDERObject()
  70         {
  71             return seq;
  72         }
  73     }
  74
  75     ASN1Sequence     seq;
  76
  77     DERInteger              version;
  78     AlgorithmIdentifier     signature;
  79     X509Name                issuer;
  80     Time                    thisUpdate;
  81     Time                    nextUpdate;
  82     CRLEntry[]              revokedCertificates;
  83     X509Extensions          crlExtensions;
  84
  85     public static TBSCertList getInstance(
  86         ASN1TaggedObject obj,
  87         boolean          explicit)
  88     {
  89         return getInstance(ASN1Sequence.getInstance(obj, explicit));
  90     }
  91
  92     public static TBSCertList getInstance(
  93         Object  obj)
  94     {
  95         if (obj instanceof TBSCertList)
  96         {
  97             return (TBSCertList)obj;
  98         }
  99         else if (obj instanceof ASN1Sequence)
 100         {
 101             return new TBSCertList((ASN1Sequence)obj);
 102         }
 103
 104         throw new IllegalArgumentException("unknown object in factory");
 105     }
 106
 107     public TBSCertList(
 108         ASN1Sequence  seq)
 109     {
 110         int seqPos = 0;
 111
 112         this.seq = seq;
 113
 114         if (seq.getObjectAt(seqPos) instanceof DERInteger)
 115         {
 116             version = (DERInteger)seq.getObjectAt(seqPos++);
 117         }
 118         else
 119         {
 120             version = new DERInteger(0);
 121         }
 122
 123         signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqPos++));
 124         issuer = X509Name.getInstance(seq.getObjectAt(seqPos++));
 125         thisUpdate = Time.getInstance(seq.getObjectAt(seqPos++));
 126
 127         if (seqPos < seq.size()
 128             && (seq.getObjectAt(seqPos) instanceof DERUTCTime
 129                || seq.getObjectAt(seqPos) instanceof DERGeneralizedTime
 130                || seq.getObjectAt(seqPos) instanceof Time))
 131         {
 132             nextUpdate = Time.getInstance(seq.getObjectAt(seqPos++));
 133         }
 134
 135         if (seqPos < seq.size()
 136             && !(seq.getObjectAt(seqPos) instanceof DERTaggedObject))
 137         {
 138             DERConstructedSequence certs = (DERConstructedSequence)seq.getObjectAt(seqPos++);
 139             revokedCertificates = new CRLEntry[certs.getSize()];
 140
 141             for ( int i = 0; i < revokedCertificates.length; i++)
 142             {
 143                 revokedCertificates[i] = new CRLEntry((DERConstructedSequence)certs.getObjectAt(i));
 144             }
 145         }
 146
 147         if (seqPos < seq.size()
 148             && seq.getObjectAt(seqPos) instanceof DERTaggedObject)
 149         {
 150             crlExtensions = X509Extensions.getInstance(seq.getObjectAt(seqPos++));
 151         }
 152     }
 153
 154     public int getVersion()
 155     {
 156         return version.getValue().intValue() + 1;
 157     }
 158
 159     public DERInteger getVersionNumber()
 160     {
 161         return version;
 162     }
 163
 164     public AlgorithmIdentifier getSignature()
 165     {
 166         return signature;
 167     }
 168
 169     public X509Name getIssuer()
 170     {
 171         return issuer;
 172     }
 173
 174     public Time getThisUpdate()
 175     {
 176         return thisUpdate;
 177     }
 178
 179     public Time getNextUpdate()
 180     {
 181         return nextUpdate;
 182     }
 183
 184     public CRLEntry[] getRevokedCertificates()
 185     {
 186         return revokedCertificates;
 187     }
 188
 189     public X509Extensions getExtensions()
 190     {
 191         return crlExtensions;
 192     }
 193
 194     public DERObject getDERObject()
 195     {
 196         return seq;
 197     }
 198 }