| package org.bouncycastle.pkcs; |
| |
| import java.io.IOException; |
| import java.io.OutputStream; |
| import java.util.ArrayList; |
| import java.util.List; |
| |
| import org.bouncycastle.asn1.ASN1Encoding; |
| import org.bouncycastle.asn1.ASN1ObjectIdentifier; |
| import org.bouncycastle.asn1.ASN1Primitive; |
| import org.bouncycastle.asn1.ASN1Set; |
| import org.bouncycastle.asn1.pkcs.Attribute; |
| import org.bouncycastle.asn1.pkcs.CertificationRequest; |
| import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; |
| import org.bouncycastle.asn1.x500.X500Name; |
| import org.bouncycastle.asn1.x509.AlgorithmIdentifier; |
| import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; |
| import org.bouncycastle.operator.ContentVerifier; |
| import org.bouncycastle.operator.ContentVerifierProvider; |
| |
| /** |
| * Holding class for a PKCS#10 certification request. |
| */ |
| public class PKCS10CertificationRequest |
| { |
| private static Attribute[] EMPTY_ARRAY = new Attribute[0]; |
| |
| private CertificationRequest certificationRequest; |
| |
| private static CertificationRequest parseBytes(byte[] encoding) |
| throws IOException |
| { |
| try |
| { |
| return CertificationRequest.getInstance(ASN1Primitive.fromByteArray(encoding)); |
| } |
| catch (ClassCastException e) |
| { |
| throw new PKCSIOException("malformed data: " + e.getMessage(), e); |
| } |
| catch (IllegalArgumentException e) |
| { |
| throw new PKCSIOException("malformed data: " + e.getMessage(), e); |
| } |
| } |
| |
| /** |
| * Create a PKCS10CertificationRequestHolder from an underlying ASN.1 structure. |
| * |
| * @param certificationRequest the underlying ASN.1 structure representing a request. |
| */ |
| public PKCS10CertificationRequest(CertificationRequest certificationRequest) |
| { |
| this.certificationRequest = certificationRequest; |
| } |
| |
| /** |
| * Create a PKCS10CertificationRequestHolder from the passed in bytes. |
| * |
| * @param encoded BER/DER encoding of the CertificationRequest structure. |
| * @throws IOException in the event of corrupted data, or an incorrect structure. |
| */ |
| public PKCS10CertificationRequest(byte[] encoded) |
| throws IOException |
| { |
| this(parseBytes(encoded)); |
| } |
| |
| /** |
| * Return the underlying ASN.1 structure for this request. |
| * |
| * @return a CertificateRequest object. |
| */ |
| public CertificationRequest toASN1Structure() |
| { |
| return certificationRequest; |
| } |
| |
| /** |
| * Return the subject on this request. |
| * |
| * @return the X500Name representing the request's subject. |
| */ |
| public X500Name getSubject() |
| { |
| return X500Name.getInstance(certificationRequest.getCertificationRequestInfo().getSubject()); |
| } |
| |
| /** |
| * Return the details of the signature algorithm used to create this request. |
| * |
| * @return the AlgorithmIdentifier describing the signature algorithm used to create this request. |
| */ |
| public AlgorithmIdentifier getSignatureAlgorithm() |
| { |
| return certificationRequest.getSignatureAlgorithm(); |
| } |
| |
| /** |
| * Return the bytes making up the signature associated with this request. |
| * |
| * @return the request signature bytes. |
| */ |
| public byte[] getSignature() |
| { |
| return certificationRequest.getSignature().getOctets(); |
| } |
| |
| /** |
| * Return the SubjectPublicKeyInfo describing the public key this request is carrying. |
| * |
| * @return the public key ASN.1 structure contained in the request. |
| */ |
| public SubjectPublicKeyInfo getSubjectPublicKeyInfo() |
| { |
| return certificationRequest.getCertificationRequestInfo().getSubjectPublicKeyInfo(); |
| } |
| |
| /** |
| * Return the attributes, if any associated with this request. |
| * |
| * @return an array of Attribute, zero length if none present. |
| */ |
| public Attribute[] getAttributes() |
| { |
| ASN1Set attrSet = certificationRequest.getCertificationRequestInfo().getAttributes(); |
| |
| if (attrSet == null) |
| { |
| return EMPTY_ARRAY; |
| } |
| |
| Attribute[] attrs = new Attribute[attrSet.size()]; |
| |
| for (int i = 0; i != attrSet.size(); i++) |
| { |
| attrs[i] = Attribute.getInstance(attrSet.getObjectAt(i)); |
| } |
| |
| return attrs; |
| } |
| |
| /** |
| * Return an array of attributes matching the passed in type OID. |
| * |
| * @param type the type of the attribute being looked for. |
| * @return an array of Attribute of the requested type, zero length if none present. |
| */ |
| public Attribute[] getAttributes(ASN1ObjectIdentifier type) |
| { |
| ASN1Set attrSet = certificationRequest.getCertificationRequestInfo().getAttributes(); |
| |
| if (attrSet == null) |
| { |
| return EMPTY_ARRAY; |
| } |
| |
| List list = new ArrayList(); |
| |
| for (int i = 0; i != attrSet.size(); i++) |
| { |
| Attribute attr = Attribute.getInstance(attrSet.getObjectAt(i)); |
| if (attr.getAttrType().equals(type)) |
| { |
| list.add(attr); |
| } |
| } |
| |
| if (list.size() == 0) |
| { |
| return EMPTY_ARRAY; |
| } |
| |
| return (Attribute[])list.toArray(new Attribute[list.size()]); |
| } |
| |
| public byte[] getEncoded() |
| throws IOException |
| { |
| return certificationRequest.getEncoded(); |
| } |
| |
| /** |
| * Validate the signature on the PKCS10 certification request in this holder. |
| * |
| * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature. |
| * @return true if the signature is valid, false otherwise. |
| * @throws PKCSException if the signature cannot be processed or is inappropriate. |
| */ |
| public boolean isSignatureValid(ContentVerifierProvider verifierProvider) |
| throws PKCSException |
| { |
| CertificationRequestInfo requestInfo = certificationRequest.getCertificationRequestInfo(); |
| |
| ContentVerifier verifier; |
| |
| try |
| { |
| verifier = verifierProvider.get(certificationRequest.getSignatureAlgorithm()); |
| |
| OutputStream sOut = verifier.getOutputStream(); |
| |
| sOut.write(requestInfo.getEncoded(ASN1Encoding.DER)); |
| |
| sOut.close(); |
| } |
| catch (Exception e) |
| { |
| throw new PKCSException("unable to process signature: " + e.getMessage(), e); |
| } |
| |
| return verifier.verify(this.getSignature()); |
| } |
| |
| public boolean equals(Object o) |
| { |
| if (o == this) |
| { |
| return true; |
| } |
| |
| if (!(o instanceof PKCS10CertificationRequest)) |
| { |
| return false; |
| } |
| |
| PKCS10CertificationRequest other = (PKCS10CertificationRequest)o; |
| |
| return this.toASN1Structure().equals(other.toASN1Structure()); |
| } |
| |
| public int hashCode() |
| { |
| return this.toASN1Structure().hashCode(); |
| } |
| } |