diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/asn1')
9 files changed, 129 insertions, 61 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java index d760a1f..bbe5ae1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java @@ -153,7 +153,7 @@ public class ASN1GeneralizedTime /** * return the time - always in the form of * YYYYMMDDhhmmssGMT(+hh:mm|-hh:mm). - * <p/> + * <p> * Normally in a certificate we would expect "Z" rather than "GMT", * however adding the "GMT" means we can just use: * <pre> @@ -161,6 +161,7 @@ public class ASN1GeneralizedTime * </pre> * To read in the time and get a date which is compatible with our local * time zone. + * </p> */ public String getTime() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Object.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Object.java index cfda1a6..304866f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Object.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Object.java @@ -3,11 +3,13 @@ package org.bouncycastle.asn1; import java.io.ByteArrayOutputStream; import java.io.IOException; +import org.bouncycastle.util.Encodable; + /** * Base class for defining an ASN.1 object. */ public abstract class ASN1Object - implements ASN1Encodable + implements ASN1Encodable, Encodable { /** * Return the default BER or DER encoding for this object. diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Set.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Set.java index 895f002..b4d263a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Set.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Set.java @@ -481,22 +481,17 @@ public abstract class ASN1Set return len == a.length; } - private byte[] getEncoded( + private byte[] getDEREncoded( ASN1Encodable obj) { - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - try { - aOut.writeObject(obj); + return obj.toASN1Primitive().getEncoded(ASN1Encoding.DER); } catch (IOException e) { throw new IllegalArgumentException("cannot encode object added to SET"); } - - return bOut.toByteArray(); } protected void sort() @@ -513,13 +508,13 @@ public abstract class ASN1Set { int index = 0; int swapIndex = 0; - byte[] a = getEncoded((ASN1Encodable)set.elementAt(0)); + byte[] a = getDEREncoded((ASN1Encodable)set.elementAt(0)); swapped = false; while (index != lastSwap) { - byte[] b = getEncoded((ASN1Encodable)set.elementAt(index + 1)); + byte[] b = getDEREncoded((ASN1Encodable)set.elementAt(index + 1)); if (lessThanOrEqual(a, b)) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java index dfc3121..098656c 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java @@ -35,9 +35,16 @@ public interface MiscObjectIdentifiers static final ASN1ObjectIdentifier verisign = new ASN1ObjectIdentifier("2.16.840.1.113733.1"); /** Verisign CZAG (Country,Zip,Age,Gender) Extension OID: 2.16.840.1.113733.1.6.3 */ - static final ASN1ObjectIdentifier verisignCzagExtension = verisign.branch("6.3"); + static final ASN1ObjectIdentifier verisignCzagExtension = verisign.branch("6.3"); + + static final ASN1ObjectIdentifier verisignPrivate_6_9 = verisign.branch("6.9"); + static final ASN1ObjectIdentifier verisignOnSiteJurisdictionHash = verisign.branch("6.11"); + static final ASN1ObjectIdentifier verisignBitString_6_13 = verisign.branch("6.13"); + /** Verisign D&B D-U-N-S number Extension OID: 2.16.840.1.113733.1.6.15 */ - static final ASN1ObjectIdentifier verisignDnbDunsNumber = verisign.branch("6.15"); + static final ASN1ObjectIdentifier verisignDnbDunsNumber = verisign.branch("6.15"); + + static final ASN1ObjectIdentifier verisignIssStrongCrypto = verisign.branch("8.1"); // // Novell diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java index d2acd30..fb418ae 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java @@ -67,18 +67,18 @@ public class CertificationRequestInfo * @param attributes any attributes to be associated with the request. */ public CertificationRequestInfo( - X500Name subject, + X500Name subject, SubjectPublicKeyInfo pkInfo, ASN1Set attributes) { - this.subject = subject; - this.subjectPKInfo = pkInfo; - this.attributes = attributes; - - if ((subject == null) || (version == null) || (subjectPKInfo == null)) + if ((subject == null) || (pkInfo == null)) { throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator."); } + + this.subject = subject; + this.subjectPKInfo = pkInfo; + this.attributes = attributes; } /** @@ -89,14 +89,14 @@ public class CertificationRequestInfo SubjectPublicKeyInfo pkInfo, ASN1Set attributes) { - this.subject = X500Name.getInstance(subject.toASN1Primitive()); - this.subjectPKInfo = pkInfo; - this.attributes = attributes; - - if ((subject == null) || (version == null) || (subjectPKInfo == null)) + if ((subject == null) || (pkInfo == null)) { throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator."); } + + this.subject = X500Name.getInstance(subject.toASN1Primitive()); + this.subjectPKInfo = pkInfo; + this.attributes = attributes; } /** diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java index df2238a..269466d 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java @@ -47,10 +47,26 @@ public class ECPrivateKey return null; } + /** + * @deprecated use constructor which takes orderBitLength to guarantee correct encoding. + */ public ECPrivateKey( BigInteger key) { - byte[] bytes = BigIntegers.asUnsignedByteArray(key); + this(key.bitLength(), key); + } + + /** + * Base constructor. + * + * @param orderBitLength the bitLength of the order of the curve. + * @param key the private key value. + */ + public ECPrivateKey( + int orderBitLength, + BigInteger key) + { + byte[] bytes = BigIntegers.asUnsignedByteArray((orderBitLength + 7) / 8, key); ASN1EncodableVector v = new ASN1EncodableVector(); @@ -60,6 +76,9 @@ public class ECPrivateKey seq = new DERSequence(v); } + /** + * @deprecated use constructor which takes orderBitLength to guarantee correct encoding. + */ public ECPrivateKey( BigInteger key, ASN1Encodable parameters) @@ -67,12 +86,32 @@ public class ECPrivateKey this(key, null, parameters); } + /** + * @deprecated use constructor which takes orderBitLength to guarantee correct encoding. + */ + public ECPrivateKey( + BigInteger key, + DERBitString publicKey, + ASN1Encodable parameters) + { + this(key.bitLength(), key, publicKey, parameters); + } + + public ECPrivateKey( + int orderBitLength, + BigInteger key, + ASN1Encodable parameters) + { + this(orderBitLength, key, null, parameters); + } + public ECPrivateKey( + int orderBitLength, BigInteger key, DERBitString publicKey, ASN1Encodable parameters) { - byte[] bytes = BigIntegers.asUnsignedByteArray(key); + byte[] bytes = BigIntegers.asUnsignedByteArray((orderBitLength + 7) / 8, key); ASN1EncodableVector v = new ASN1EncodableVector(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java index b4f1794..9df924c 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java @@ -322,7 +322,10 @@ public class IETFUtils } else { - IETFUtils.appendTypeAndValue(buf, rdn.getFirst(), oidSymbols); + if (rdn.getFirst() != null) + { + IETFUtils.appendTypeAndValue(buf, rdn.getFirst(), oidSymbols); + } } } @@ -438,7 +441,7 @@ public class IETFUtils public static String canonicalize(String s) { - String value = Strings.toLowerCase(s.trim()); + String value = Strings.toLowerCase(s); if (value.length() > 0 && value.charAt(0) == '#') { @@ -446,7 +449,27 @@ public class IETFUtils if (obj instanceof ASN1String) { - value = Strings.toLowerCase(((ASN1String)obj).getString().trim()); + value = Strings.toLowerCase(((ASN1String)obj).getString()); + } + } + + if (value.length() > 1) + { + int start = 0; + while (start + 1 < value.length() && value.charAt(start) == '\\' && value.charAt(start + 1) == ' ') + { + start += 2; + } + + int end = value.length() - 1; + while (end - 1 > 0 && value.charAt(end - 1) == '\\' && value.charAt(end) == ' ') + { + end -= 2; + } + + if (start > 0 || end < value.length() - 1) + { + value = value.substring(start, end + 1); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Extensions.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Extensions.java index 1aeed15..6508f93 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Extensions.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Extensions.java @@ -43,8 +43,9 @@ public class Extensions /** * Constructor from ASN1Sequence. - * <p/> - * the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString) + * <p> + * The extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString) + * </p> */ private Extensions( ASN1Sequence seq) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java index eabf90e..53a4373 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java @@ -63,78 +63,78 @@ public interface X9ObjectIdentifiers /** * Named curves base * <p> - * OID: 1.2.840.10045.1 + * OID: 1.2.840.10045.3 */ static final ASN1ObjectIdentifier ellipticCurve = ansi_X9_62.branch("3"); /** * Two Curves * <p> - * OID: 1.2.840.10045.1.0 + * OID: 1.2.840.10045.3.0 */ static final ASN1ObjectIdentifier cTwoCurve = ellipticCurve.branch("0"); - /** Two Curve c2pnb163v1, OID: 1.2.840.10045.1.0.1 */ + /** Two Curve c2pnb163v1, OID: 1.2.840.10045.3.0.1 */ static final ASN1ObjectIdentifier c2pnb163v1 = cTwoCurve.branch("1"); - /** Two Curve c2pnb163v2, OID: 1.2.840.10045.1.0.2 */ + /** Two Curve c2pnb163v2, OID: 1.2.840.10045.3.0.2 */ static final ASN1ObjectIdentifier c2pnb163v2 = cTwoCurve.branch("2"); - /** Two Curve c2pnb163v3, OID: 1.2.840.10045.1.0.3 */ + /** Two Curve c2pnb163v3, OID: 1.2.840.10045.3.0.3 */ static final ASN1ObjectIdentifier c2pnb163v3 = cTwoCurve.branch("3"); - /** Two Curve c2pnb176w1, OID: 1.2.840.10045.1.0.4 */ + /** Two Curve c2pnb176w1, OID: 1.2.840.10045.3.0.4 */ static final ASN1ObjectIdentifier c2pnb176w1 = cTwoCurve.branch("4"); - /** Two Curve c2tnb191v1, OID: 1.2.840.10045.1.0.5 */ + /** Two Curve c2tnb191v1, OID: 1.2.840.10045.3.0.5 */ static final ASN1ObjectIdentifier c2tnb191v1 = cTwoCurve.branch("5"); - /** Two Curve c2tnb191v2, OID: 1.2.840.10045.1.0.6 */ + /** Two Curve c2tnb191v2, OID: 1.2.840.10045.3.0.6 */ static final ASN1ObjectIdentifier c2tnb191v2 = cTwoCurve.branch("6"); - /** Two Curve c2tnb191v3, OID: 1.2.840.10045.1.0.7 */ + /** Two Curve c2tnb191v3, OID: 1.2.840.10045.3.0.7 */ static final ASN1ObjectIdentifier c2tnb191v3 = cTwoCurve.branch("7"); - /** Two Curve c2onb191v4, OID: 1.2.840.10045.1.0.8 */ + /** Two Curve c2onb191v4, OID: 1.2.840.10045.3.0.8 */ static final ASN1ObjectIdentifier c2onb191v4 = cTwoCurve.branch("8"); - /** Two Curve c2onb191v5, OID: 1.2.840.10045.1.0.9 */ + /** Two Curve c2onb191v5, OID: 1.2.840.10045.3.0.9 */ static final ASN1ObjectIdentifier c2onb191v5 = cTwoCurve.branch("9"); - /** Two Curve c2pnb208w1, OID: 1.2.840.10045.1.0.10 */ + /** Two Curve c2pnb208w1, OID: 1.2.840.10045.3.0.10 */ static final ASN1ObjectIdentifier c2pnb208w1 = cTwoCurve.branch("10"); - /** Two Curve c2tnb239v1, OID: 1.2.840.10045.1.0.11 */ + /** Two Curve c2tnb239v1, OID: 1.2.840.10045.3.0.11 */ static final ASN1ObjectIdentifier c2tnb239v1 = cTwoCurve.branch("11"); - /** Two Curve c2tnb239v2, OID: 1.2.840.10045.1.0.12 */ + /** Two Curve c2tnb239v2, OID: 1.2.840.10045.3.0.12 */ static final ASN1ObjectIdentifier c2tnb239v2 = cTwoCurve.branch("12"); - /** Two Curve c2tnb239v3, OID: 1.2.840.10045.1.0.13 */ + /** Two Curve c2tnb239v3, OID: 1.2.840.10045.3.0.13 */ static final ASN1ObjectIdentifier c2tnb239v3 = cTwoCurve.branch("13"); - /** Two Curve c2onb239v4, OID: 1.2.840.10045.1.0.14 */ + /** Two Curve c2onb239v4, OID: 1.2.840.10045.3.0.14 */ static final ASN1ObjectIdentifier c2onb239v4 = cTwoCurve.branch("14"); - /** Two Curve c2onb239v5, OID: 1.2.840.10045.1.0.15 */ + /** Two Curve c2onb239v5, OID: 1.2.840.10045.3.0.15 */ static final ASN1ObjectIdentifier c2onb239v5 = cTwoCurve.branch("15"); - /** Two Curve c2pnb272w1, OID: 1.2.840.10045.1.0.16 */ + /** Two Curve c2pnb272w1, OID: 1.2.840.10045.3.0.16 */ static final ASN1ObjectIdentifier c2pnb272w1 = cTwoCurve.branch("16"); - /** Two Curve c2pnb304w1, OID: 1.2.840.10045.1.0.17 */ + /** Two Curve c2pnb304w1, OID: 1.2.840.10045.3.0.17 */ static final ASN1ObjectIdentifier c2pnb304w1 = cTwoCurve.branch("17"); - /** Two Curve c2tnb359v1, OID: 1.2.840.10045.1.0.18 */ + /** Two Curve c2tnb359v1, OID: 1.2.840.10045.3.0.18 */ static final ASN1ObjectIdentifier c2tnb359v1 = cTwoCurve.branch("18"); - /** Two Curve c2pnb368w1, OID: 1.2.840.10045.1.0.19 */ + /** Two Curve c2pnb368w1, OID: 1.2.840.10045.3.0.19 */ static final ASN1ObjectIdentifier c2pnb368w1 = cTwoCurve.branch("19"); - /** Two Curve c2tnb431r1, OID: 1.2.840.10045.1.0.20 */ + /** Two Curve c2tnb431r1, OID: 1.2.840.10045.3.0.20 */ static final ASN1ObjectIdentifier c2tnb431r1 = cTwoCurve.branch("20"); /** * Prime Curves * <p> - * OID: 1.2.840.10045.1.1 + * OID: 1.2.840.10045.3.1 */ static final ASN1ObjectIdentifier primeCurve = ellipticCurve.branch("1"); - /** Prime Curve prime192v1, OID: 1.2.840.10045.1.1.1 */ + /** Prime Curve prime192v1, OID: 1.2.840.10045.3.1.1 */ static final ASN1ObjectIdentifier prime192v1 = primeCurve.branch("1"); - /** Prime Curve prime192v2, OID: 1.2.840.10045.1.1.2 */ + /** Prime Curve prime192v2, OID: 1.2.840.10045.3.1.2 */ static final ASN1ObjectIdentifier prime192v2 = primeCurve.branch("2"); - /** Prime Curve prime192v3, OID: 1.2.840.10045.1.1.3 */ + /** Prime Curve prime192v3, OID: 1.2.840.10045.3.1.3 */ static final ASN1ObjectIdentifier prime192v3 = primeCurve.branch("3"); - /** Prime Curve prime239v1, OID: 1.2.840.10045.1.1.4 */ + /** Prime Curve prime239v1, OID: 1.2.840.10045.3.1.4 */ static final ASN1ObjectIdentifier prime239v1 = primeCurve.branch("4"); - /** Prime Curve prime239v2, OID: 1.2.840.10045.1.1.5 */ + /** Prime Curve prime239v2, OID: 1.2.840.10045.3.1.5 */ static final ASN1ObjectIdentifier prime239v2 = primeCurve.branch("5"); - /** Prime Curve prime239v3, OID: 1.2.840.10045.1.1.6 */ + /** Prime Curve prime239v3, OID: 1.2.840.10045.3.1.6 */ static final ASN1ObjectIdentifier prime239v3 = primeCurve.branch("6"); - /** Prime Curve prime256v1, OID: 1.2.840.10045.1.1.7 */ + /** Prime Curve prime256v1, OID: 1.2.840.10045.3.1.7 */ static final ASN1ObjectIdentifier prime256v1 = primeCurve.branch("7"); /** |