X-Git-Url: http://git.megacz.com/?p=org.ibex.crypto.git;a=blobdiff_plain;f=src%2Forg%2Fibex%2Fcrypto%2FX509.java;h=c283aaf56ee7526ba57b90b8e2f61b1387fef807;hp=2c1326d1d913432c8a8686985e6ddc89b3db6d3c;hb=ed61cfa8521a699d1886165842cdf17e37e3e60e;hpb=0b803842a04a8aaac26046606de79c8a1ab47b48 diff --git a/src/org/ibex/crypto/X509.java b/src/org/ibex/crypto/X509.java index 2c1326d..c283aaf 100644 --- a/src/org/ibex/crypto/X509.java +++ b/src/org/ibex/crypto/X509.java @@ -19,7 +19,7 @@ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * AUTHORS OR COPYRIGHT HOLDER.S BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. @@ -45,20 +45,20 @@ public class X509 { public final Number version; public final Number serialNo; - public final X509Name issuer; + public final X509.Name issuer; public final Date startDate; public final Date endDate; - public final X509Name subject; + public final X509.Name subject; public final AlgorithmIdentifier publicKeyAlgorithm; - public final DERBitString publicKey; + public final DER.BitString publicKey; public final Object issuerUniqueID; public final Object subjectUniqueID; public final Vector extensions; - public final DERBitString signature; + public final DER.BitString signature; public final AlgorithmIdentifier signatureAlgorithm; public final BC basicContraints; 
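Review bot: The mechanical type rename also rewrote text it should not have touched. In the first hunk the licence header now reads `HOLDER.S`, and in the `@@ -246` hunk the call became `cert.getRSA.PublicKey()`, which cannot resolve because the method is still declared as `getRSAPublicKey()` in the `@@ -120` hunk. Restore `* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER` and `RSA.PublicKey key = cert.getRSAPublicKey();`. Compiling the tree after the search-and-replace would have caught the second one.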
@@ -67,41 +67,41 @@ public class X509 { public Certificate(InputStream is) throws IOException { int i; RecordingInputStream certIS = new RecordingInputStream(is); - DERInputStream certSequence = new DERInputStream(certIS).getSequenceStream(); + DER.InputStream certSequence = new DER.InputStream(certIS).getSequenceStream(); RecordingInputStream tbsCertIS = new RecordingInputStream(certSequence); try { - Vector tbsSequence = (Vector) new DERInputStream(tbsCertIS).readObject(); + Vector tbsSequence = (Vector) new DER.InputStream(tbsCertIS).readObject(); tbsCertBytes = tbsCertIS.getBytes(); signatureAlgorithm = new AlgorithmIdentifier(certSequence.readObject()); - signature = (DERBitString) certSequence.readObject(); + signature = (DER.BitString) certSequence.readObject(); i=0; - if(tbsSequence.elementAt(i) instanceof DERTaggedObject) - version = (Number)((DERTaggedObject)tbsSequence.elementAt(i++)).object; + if(tbsSequence.elementAt(i) instanceof DER.TaggedObject) + version = (Number)((DER.TaggedObject)tbsSequence.elementAt(i++)).object; else version = new Integer(0); serialNo = (Number) tbsSequence.elementAt(i++); AlgorithmIdentifier signatureAlgorithm2 = new AlgorithmIdentifier(tbsSequence.elementAt(i++)); if(!signatureAlgorithm2.equals(signatureAlgorithm)) - throw new DERException("AlgoritmIdentifier mismatch " + signatureAlgorithm + " vs " + signatureAlgorithm2); - issuer = new X509Name(tbsSequence.elementAt(i++)); + throw new DER.Exception("AlgoritmIdentifier mismatch " + signatureAlgorithm + " vs " + signatureAlgorithm2); + issuer = new X509.Name(tbsSequence.elementAt(i++)); Vector validity = (Vector) tbsSequence.elementAt(i++); startDate = (Date) validity.elementAt(0); endDate = (Date) validity.elementAt(1); - subject = new X509Name(tbsSequence.elementAt(i++)); + subject = new X509.Name(tbsSequence.elementAt(i++)); Vector publicKeyInfo = (Vector) tbsSequence.elementAt(i++); publicKeyAlgorithm = new AlgorithmIdentifier(publicKeyInfo.elementAt(0)); - publicKey = 
(DERBitString) publicKeyInfo.elementAt(1); + publicKey = (DER.BitString) publicKeyInfo.elementAt(1); Object issuerUniqueID_=null,subjectUniqueID_=null; Vector extensions_=null; for(;i < tbsSequence.size();i++) { - DERTaggedObject to = (DERTaggedObject) tbsSequence.elementAt(i); + DER.TaggedObject to = (DER.TaggedObject) tbsSequence.elementAt(i); switch(to.tag) { case 1: issuerUniqueID_ = to.object; break; case 2: subjectUniqueID_ = to.object; break; 
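Review bot: The version field is taken from any leading `DER.TaggedObject` without looking at its tag, so an element carrying a different context tag is accepted as the version; the test could be `if(tbsSequence.elementAt(i) instanceof DER.TaggedObject && ((DER.TaggedObject)tbsSequence.elementAt(i)).tag == 0)`. More generally, the structure of this untrusted input is validated only by letting the unchecked casts (`(Vector)`, `(Number)`, `(Date)`, `(DER.TaggedObject)`) fail and catching `RuntimeException` in the next hunk. A short comment stating that this is the intended rejection path would help the next reader. The exception text on the new line still says `"AlgoritmIdentifier mismatch "`, which should read `"AlgorithmIdentifier mismatch "`. The constructor and its `switch` continue outside this hunk.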
@@ -120,52 +120,52 @@ public class X509 { String oid = (String) extension.elementAt(0); byte[] data = (byte[]) extension.elementAt(extension.size()-1); if(oid.equals(BASIC_CONSTRAINTS)) - bc = new BC(new DERInputStream(new ByteArrayInputStream(data)).readObject()); + bc = new BC(new DER.InputStream(new ByteArrayInputStream(data)).readObject()); } } basicContraints = bc; } catch(RuntimeException e) { e.printStackTrace(); - throw new DERException("Invalid x509 Certificate"); + throw new DER.Exception("Invalid x509 Certificate"); } certBytes = certIS.getBytes(); } public String getSubjectField(String fieldID) { return subject.get(fieldID); } - public String getCN() { return getSubjectField(X509Name.CN); } + public String getCN() { return getSubjectField(X509.Name.CN); } public boolean isValid() { Date now = new Date(); return !now.after(endDate) && !now.before(startDate); } - public RSAPublicKey getRSAPublicKey() throws DERException { - if(!RSA_ENCRYPTION.equals(publicKeyAlgorithm.id)) throw new DERException("This isn't an RSA public key"); + public RSA.PublicKey getRSAPublicKey() throws DER.Exception { + if(!RSA_ENCRYPTION.equals(publicKeyAlgorithm.id)) throw new DER.Exception("This isn't an RSA public key"); try { - return new RSAPublicKey(new DERInputStream(new ByteArrayInputStream(publicKey.data)).readObject()); + return new RSA.PublicKey(new DER.InputStream(new ByteArrayInputStream(publicKey.data)).readObject()); } catch(IOException e) { - throw new DERException(e.getMessage()); + throw new DER.Exception(e.getMessage()); } catch(RuntimeException e) { - throw new DERException("Invalid RSA Public Key " + e.getMessage()); + throw new DER.Exception("Invalid RSA Public Key " + e.getMessage()); } } - public boolean isSignedBy(Certificate signer) throws DERException { + public boolean isSignedBy(Certificate signer) throws DER.Exception { return isSignedWith(signer.getRSAPublicKey()); } - public boolean isSignedWith(RSAPublicKey rsapk) throws DERException { + public 
boolean isSignedWith(RSA.PublicKey rsapk) throws DER.Exception { try { Digest digest; if(signatureAlgorithm.id.equals(MD5_WITH_RSA_ENCRYPTION)) digest = new MD5(); else if(signatureAlgorithm.id.equals(SHA1_WITH_RSA_ENCRYPTION)) digest = new SHA1(); else if(signatureAlgorithm.id.equals(MD2_WITH_RSA_ENCRYPTION)) digest = new MD2(); - else throw new DERException("Unknown signing algorithm: " + signatureAlgorithm.id); + else throw new DER.Exception("Unknown signing algorithm: " + signatureAlgorithm.id); PKCS1 pkcs1 = new PKCS1(new RSA(rsapk.modulus,rsapk.exponent,true)); byte[] d = pkcs1.decode(signature.data); - Vector v = (Vector) new DERInputStream(new ByteArrayInputStream(d)).readObject(); + Vector v = (Vector) new DER.InputStream(new ByteArrayInputStream(d)).readObject(); byte[] signedDigest = (byte[]) v.elementAt(1); if(signedDigest.length != digest.getDigestSize()) return false; @@ -246,7 +246,7 @@ public class X509 { System.err.println("Start Date: " + cert.startDate); System.err.println("End Date: " + cert.endDate); System.err.println("SHA1 Fingerprint: " + prettyBytes(cert.getSHA1Fingerprint())); - RSAPublicKey key = cert.getRSAPublicKey(); + RSA.PublicKey key = cert.getRSA.PublicKey(); System.err.println("Modulus: " + prettyBytes(key.modulus.toByteArray())); System.err.println("Exponent: " + key.exponent); System.err.println("Signature: " + prettyBytes(cert.signature.data)); @@ -278,7 +278,7 @@ public class X509 { private final Vector keys = new Vector(); private final Vector values = new Vector(); - public Name(Object seq_) throws DERException { + public Name(Object seq_) throws DER.Exception { try { Vector seq = (Vector) seq_; for(Enumeration e = seq.elements();e.hasMoreElements();) { @@ -288,7 +288,7 @@ public class X509 { } } catch(RuntimeException e) { e.printStackTrace(); - throw new DERException("Invalid Name " + e.toString()); + throw new DER.Exception("Invalid Name " + e.toString()); } }
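Review bot: In the `@@ -120` hunk, isSignedWith still accepts MD2-with-RSA and MD5-with-RSA signatures (and SHA-1), so trust in a certificate can rest on digests for which collisions are practical. Consider rejecting them by default by dropping those branches, so they fall through to `else throw new DER.Exception("Unknown signing algorithm: " + signatureAlgorithm.id);`. In the visible lines only `v.elementAt(1)` of the decoded DigestInfo is used: the digest algorithm in element 0 is not compared with the one selected from `signatureAlgorithm`, and nothing checks that the DER object consumes all of `d`. The rest of the method is outside the hunk, so this may be handled there or inside `pkcs1.decode`. isSignedBy also verifies against any signer certificate without consulting `basicContraints` or matching `issuer` to the signer's `subject`, so callers presumably have to enforce that themselves; a Javadoc line saying so would prevent misuse.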