1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
|
package org.bouncycastle.asn1.pkcs;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Name;
/**
* PKCS10 CertificationRequestInfo object.
* <pre>
* CertificationRequestInfo ::= SEQUENCE {
* version INTEGER { v1(0) } (v1,...),
* subject Name,
* subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
* attributes [0] Attributes{{ CRIAttributes }}
* }
*
* Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}
*
* Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
* type ATTRIBUTE.&id({IOSet}),
* values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
* }
* </pre>
*/
public class CertificationRequestInfo
extends ASN1Object
{
ASN1Integer version = new ASN1Integer(0);
X500Name subject;
SubjectPublicKeyInfo subjectPKInfo;
ASN1Set attributes = null;
public static CertificationRequestInfo getInstance(
Object obj)
{
if (obj instanceof CertificationRequestInfo)
{
return (CertificationRequestInfo)obj;
}
else if (obj != null)
{
return new CertificationRequestInfo(ASN1Sequence.getInstance(obj));
}
return null;
}
/**
* Basic constructor.
* <p>
* Note: Early on a lot of CAs would only accept messages with attributes missing. As the ASN.1 def shows
* the attributes field is not optional so should always at least contain an empty set. If a fully compliant
* request is required, pass in an empty set, the class will otherwise interpret a null as it should
* encode the request with the field missing.
* </p>
*
* @param subject subject to be associated with the public key
* @param pkInfo public key to be associated with subject
* @param attributes any attributes to be associated with the request.
*/
public CertificationRequestInfo(
X500Name subject,
SubjectPublicKeyInfo pkInfo,
ASN1Set attributes)
{
this.subject = subject;
this.subjectPKInfo = pkInfo;
this.attributes = attributes;
if ((subject == null) || (version == null) || (subjectPKInfo == null))
{
throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator.");
}
}
/**
* @deprecated use X500Name method.
*/
public CertificationRequestInfo(
X509Name subject,
SubjectPublicKeyInfo pkInfo,
ASN1Set attributes)
{
this.subject = X500Name.getInstance(subject.toASN1Primitive());
this.subjectPKInfo = pkInfo;
this.attributes = attributes;
if ((subject == null) || (version == null) || (subjectPKInfo == null))
{
throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator.");
}
}
/**
* @deprecated use getInstance().
*/
public CertificationRequestInfo(
ASN1Sequence seq)
{
version = (ASN1Integer)seq.getObjectAt(0);
subject = X500Name.getInstance(seq.getObjectAt(1));
subjectPKInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(2));
//
// some CertificationRequestInfo objects seem to treat this field
// as optional.
//
if (seq.size() > 3)
{
DERTaggedObject tagobj = (DERTaggedObject)seq.getObjectAt(3);
attributes = ASN1Set.getInstance(tagobj, false);
}
if ((subject == null) || (version == null) || (subjectPKInfo == null))
{
throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator.");
}
}
public ASN1Integer getVersion()
{
return version;
}
public X500Name getSubject()
{
return subject;
}
public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
{
return subjectPKInfo;
}
public ASN1Set getAttributes()
{
return attributes;
}
public ASN1Primitive toASN1Primitive()
{
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(version);
v.add(subject);
v.add(subjectPKInfo);
if (attributes != null)
{
v.add(new DERTaggedObject(false, 0, attributes));
}
return new DERSequence(v);
}
}
|