diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java')
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java | 71 |
1 files changed, 60 insertions, 11 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java index 243aacb..782c8c2 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java @@ -1,5 +1,7 @@ package org.bouncycastle.asn1.cmp; +import java.io.IOException; + import org.bouncycastle.asn1.ASN1Choice; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; @@ -14,14 +16,31 @@ public class CMPCertificate implements ASN1Choice { private Certificate x509v3PKCert; - private AttributeCertificate x509v2AttrCert; + + private int otherTagValue; + private ASN1Object otherCert; /** - * Note: the addition of attribute certificates is a BC extension. + * Note: the addition of attribute certificates is a BC extension. If you use this constructor they + * will be added with a tag value of 1. + * @deprecated use (type. otherCert) constructor */ public CMPCertificate(AttributeCertificate x509v2AttrCert) { - this.x509v2AttrCert = x509v2AttrCert; + this(1, x509v2AttrCert); + } + + /** + * Note: the addition of other certificates is a BC extension. If you use this constructor they + * will be added with an explicit tag value of type. + * + * @param type the type of the certificate (used as a tag value). + * @param otherCert the object representing the certificate + */ + public CMPCertificate(int type, ASN1Object otherCert) + { + this.otherTagValue = type; + this.otherCert = otherCert; } public CMPCertificate(Certificate x509v3PKCert) @@ -41,14 +60,28 @@ public class CMPCertificate return (CMPCertificate)o; } - if (o instanceof ASN1Sequence || o instanceof byte[]) + if (o instanceof byte[]) + { + try + { + o = ASN1Primitive.fromByteArray((byte[])o); + } + catch (IOException e) + { + throw new IllegalArgumentException("Invalid encoding in CMPCertificate"); + } + } + + if (o instanceof ASN1Sequence) { return new CMPCertificate(Certificate.getInstance(o)); } if (o instanceof ASN1TaggedObject) { - return new CMPCertificate(AttributeCertificate.getInstance(((ASN1TaggedObject)o).getObject())); + ASN1TaggedObject taggedObject = (ASN1TaggedObject)o; + + return new CMPCertificate(taggedObject.getTagNo(), taggedObject.getObject()); } throw new IllegalArgumentException("Invalid object: " + o.getClass().getName()); @@ -64,27 +97,43 @@ public class CMPCertificate return x509v3PKCert; } + /** + * Return an AttributeCertificate interpretation of otherCert. + * @deprecated use getOtherCert and getOtherTag to make sure message is really what it should be. + * + * @return an AttributeCertificate + */ public AttributeCertificate getX509v2AttrCert() { - return x509v2AttrCert; + return AttributeCertificate.getInstance(otherCert); + } + + public int getOtherCertTag() + { + return otherTagValue; + } + + public ASN1Object getOtherCert() + { + return otherCert; } /** * <pre> * CMPCertificate ::= CHOICE { - * x509v3PKCert Certificate - * x509v2AttrCert [1] AttributeCertificate + * x509v3PKCert Certificate + * otherCert [tag] EXPLICIT ANY DEFINED BY tag * } * </pre> - * Note: the addition of attribute certificates is a BC extension. + * Note: the addition of the explicit tagging is a BC extension. We apologise for the warped syntax, but hopefully you get the idea. * * @return a basic ASN.1 object representation. */ public ASN1Primitive toASN1Primitive() { - if (x509v2AttrCert != null) + if (otherCert != null) { // explicit following CMP conventions - return new DERTaggedObject(true, 1, x509v2AttrCert); + return new DERTaggedObject(true, otherTagValue, otherCert); } return x509v3PKCert.toASN1Primitive(); |