From djen...@apache.org
Subject svn commit: r291352 [6/10] - in /geronimo/trunk: applications/console-core/ applications/console-ear/src/plan/ applications/console-standard/src/java/org/apache/geronimo/console/util/ applications/console-standard/src/webapp/WEB-INF/ assemblies/j2ee-se...
Date Sun, 25 Sep 2005 00:32:39 GMT
Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/ObjectDigestInfo.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/ObjectDigestInfo.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/ObjectDigestInfo.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/ObjectDigestInfo.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,138 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1TaggedObject;
+import org.apache.geronimo.util.asn1.DERBitString;
+import org.apache.geronimo.util.asn1.DEREnumerated;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERObjectIdentifier;
+import org.apache.geronimo.util.asn1.DERSequence;
+import org.apache.geronimo.util.asn1.x509.AlgorithmIdentifier;
+
+
+public class ObjectDigestInfo
+    extends ASN1Encodable
+{
+    DEREnumerated digestedObjectType;
+
+    DERObjectIdentifier otherObjectTypeID;
+
+    AlgorithmIdentifier digestAlgorithm;
+
+    DERBitString objectDigest;
+
+    public static ObjectDigestInfo getInstance(
+            Object  obj)
+    {
+        if (obj == null || obj instanceof ObjectDigestInfo)
+        {
+            return (ObjectDigestInfo)obj;
+        }
+
+        if (obj instanceof ASN1Sequence)
+        {
+            return new ObjectDigestInfo((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    public static ObjectDigestInfo getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public ObjectDigestInfo(ASN1Sequence seq)
+    {
+        digestedObjectType = DEREnumerated.getInstance(seq.getObjectAt(0));
+
+        int offset = 0;
+
+        if (seq.size() == 4)
+        {
+            otherObjectTypeID = DERObjectIdentifier.getInstance(seq.getObjectAt(1));
+            offset++;
+        }
+
+        digestAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1 + offset));
+
+        objectDigest = new DERBitString(seq.getObjectAt(2 + offset));
+    }
+
+    public DEREnumerated getDigestedObjectType()
+    {
+        return digestedObjectType;
+    }
+
+    public DERObjectIdentifier getOtherObjectTypeID()
+    {
+        return otherObjectTypeID;
+    }
+
+    public AlgorithmIdentifier getDigestAlgorithm()
+    {
+        return digestAlgorithm;
+    }
+
+    public DERBitString getObjectDigest()
+    {
+        return objectDigest;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     *
+     * <pre>
+     *
+     *   ObjectDigestInfo ::= SEQUENCE {
+     *        digestedObjectType  ENUMERATED {
+     *                publicKey            (0),
+     *                publicKeyCert        (1),
+     *                otherObjectTypes     (2) },
+     *                        -- otherObjectTypes MUST NOT
+     *                        -- be used in this profile
+     *        otherObjectTypeID   OBJECT IDENTIFIER OPTIONAL,
+     *        digestAlgorithm     AlgorithmIdentifier,
+     *        objectDigest        BIT STRING
+     *   }
+     *
+     * </pre>
+     */
+    public DERObject toASN1Object()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(digestedObjectType);
+
+        if (otherObjectTypeID != null)
+        {
+            v.add(otherObjectTypeID);
+        }
+
+        v.add(digestAlgorithm);
+        v.add(objectDigest);
+
+        return new DERSequence(v);
+    }
+}
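Review bot: In the `ObjectDigestInfo(ASN1Sequence)` constructor, `new DERBitString(seq.getObjectAt(2 + offset))` looks like it re-encodes the parsed element instead of reusing it. The same `DERBitString(DEREncodable)` constructor is used in `SubjectPublicKeyInfo` to wrap an encoded key, so here the stored digest would presumably become the DER encoding of the original BIT STRING, tag, length and pad byte included. A parsed and re-encoded ObjectDigestInfo would then no longer carry the digest the issuer wrote, which matters wherever the value is compared against a computed hash. If `DERBitString` has the usual `getInstance(Object)` factory, `objectDigest = DERBitString.getInstance(seq.getObjectAt(2 + offset));` keeps the original bits; otherwise the cast used in `SubjectPublicKeyInfo(ASN1Sequence)` does the same. The constructor also treats every `seq.size()` other than 4 as the three-element form, so a check that the size is 3 or 4 belongs before the first `getObjectAt`.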

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyInformation.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyInformation.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyInformation.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyInformation.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,98 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERObjectIdentifier;
+import org.apache.geronimo.util.asn1.DERSequence;
+
+public class PolicyInformation
+    extends ASN1Encodable
+{
+    private DERObjectIdentifier   policyIdentifier;
+    private ASN1Sequence          policyQualifiers;
+
+    public PolicyInformation(
+        ASN1Sequence seq)
+    {
+        policyIdentifier = (DERObjectIdentifier)seq.getObjectAt(0);
+
+        if (seq.size() > 1)
+        {
+            policyQualifiers = (ASN1Sequence)seq.getObjectAt(1);
+        }
+    }
+
+    public PolicyInformation(
+        DERObjectIdentifier policyIdentifier)
+    {
+        this.policyIdentifier = policyIdentifier;
+    }
+
+    public PolicyInformation(
+        DERObjectIdentifier policyIdentifier,
+        ASN1Sequence        policyQualifiers)
+    {
+        this.policyIdentifier = policyIdentifier;
+        this.policyQualifiers = policyQualifiers;
+    }
+
+    public static PolicyInformation getInstance(
+        Object obj)
+    {
+        if (obj == null || obj instanceof PolicyInformation)
+        {
+            return (PolicyInformation)obj;
+        }
+
+        return new PolicyInformation(ASN1Sequence.getInstance(obj));
+    }
+
+    public DERObjectIdentifier getPolicyIdentifier()
+    {
+        return policyIdentifier;
+    }
+
+    public ASN1Sequence getPolicyQualifiers()
+    {
+        return policyQualifiers;
+    }
+
+    /*
+     * PolicyInformation ::= SEQUENCE {
+     *      policyIdentifier   CertPolicyId,
+     *      policyQualifiers   SEQUENCE SIZE (1..MAX) OF
+     *              PolicyQualifierInfo OPTIONAL }
+     */
+    public DERObject toASN1Object()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(policyIdentifier);
+
+        if (policyQualifiers != null)
+        {
+            v.add(policyQualifiers);
+        }
+
+        return new DERSequence(v);
+    }
+}
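Review bot: The `PolicyInformation(ASN1Sequence)` constructor casts `seq.getObjectAt(0)` and `seq.getObjectAt(1)` directly and never checks the element count, so a malformed extension surfaces as a `ClassCastException` or an index error rather than the `IllegalArgumentException` that `ObjectDigestInfo.getInstance` throws for bad input. These classes parse data taken from certificates, so a caller that catches only `IllegalArgumentException` would let the other exceptions escape. Using the factories already called elsewhere in this commit, `policyIdentifier = DERObjectIdentifier.getInstance(seq.getObjectAt(0));` and `policyQualifiers = ASN1Sequence.getInstance(seq.getObjectAt(1));`, plus a guard such as `if (seq.size() < 1 || seq.size() > 2) throw new IllegalArgumentException("Bad sequence size: " + seq.size());`, would make the failure mode uniform, assuming those factories reject a wrong type the same way. The same unchecked casts or unchecked `nextElement()` calls appear in the sequence constructors of `PolicyQualifierInfo`, `RSAPublicKeyStructure` and `SubjectPublicKeyInfo`.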

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyMappings.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyMappings.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyMappings.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyMappings.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,84 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import java.util.Hashtable;
+import java.util.Enumeration;
+
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERObjectIdentifier;
+import org.apache.geronimo.util.asn1.DERSequence;
+
+/**
+ * PolicyMappings V3 extension, described in RFC3280.
+ * <pre>
+ *    PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
+ *      issuerDomainPolicy      CertPolicyId,
+ *      subjectDomainPolicy     CertPolicyId }
+ * </pre>
+ *
+ * @see <a href="http://www.faqs.org/rfc/rfc3280.txt">RFC 3280, section 4.2.1.6</a>
+ */
+public class PolicyMappings
+    extends ASN1Encodable
+{
+   ASN1Sequence seq = null;
+
+   /**
+    * Creates a new <code>PolicyMappings</code> instance.
+    *
+    * @param seq an <code>ASN1Sequence</code> constructed as specified
+    * in RFC 3280
+    */
+   public PolicyMappings (ASN1Sequence seq)
+      {
+         this.seq = seq;
+      }
+
+   /**
+    * Creates a new <code>PolicyMappings</code> instance.
+    *
+    * @param mappings a <code>HashMap</code> value that maps
+    * <code>String</code> oids
+    * to other <code>String</code> oids.
+    */
+   public PolicyMappings (Hashtable mappings)
+      {
+         ASN1EncodableVector dev = new ASN1EncodableVector();
+         Enumeration it = mappings.keys();
+
+         while (it.hasMoreElements()) {
+            String idp = (String) it.nextElement();
+            String sdp = (String) mappings.get(idp);
+            ASN1EncodableVector dv = new ASN1EncodableVector();
+            dv.add(new DERObjectIdentifier(idp));
+            dv.add(new DERObjectIdentifier(sdp));
+            dev.add(new DERSequence(dv));
+         }
+
+         seq = new DERSequence(dev);
+      }
+
+   public DERObject toASN1Object()
+      {
+         return seq;
+      }
+}
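Review bot: The `PolicyMappings(Hashtable)` constructor builds an empty outer sequence when `mappings` is empty, which contradicts the `SEQUENCE SIZE (1..MAX)` definition quoted in the class Javadoc. A guard such as `if (mappings.isEmpty()) throw new IllegalArgumentException("mappings must not be empty");` would keep the encoder from emitting an extension that a strict verifier may reject. The `@param mappings` text also says `HashMap` where the parameter is a `Hashtable`; it should read `a <code>Hashtable</code> that maps issuer-domain policy OID strings to subject-domain policy OID strings`.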

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyQualifierId.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyQualifierId.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyQualifierId.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyQualifierId.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,48 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.DERObjectIdentifier;
+
+/**
+ * PolicyQualifierId, used in the CertificatePolicies
+ * X509V3 extension.
+ *
+ * <pre>
+ *    id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
+ *    id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
+ *    id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
+ *  PolicyQualifierId ::=
+ *       OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
+ * </pre>
+ */
+public class PolicyQualifierId extends DERObjectIdentifier
+{
+   private static final String id_qt = "1.3.6.1.5.5.7.2";
+
+   private PolicyQualifierId(String id)
+      {
+         super(id);
+      }
+
+   public static final PolicyQualifierId id_qt_cps =
+       new PolicyQualifierId(id_qt + ".1");
+   public static final PolicyQualifierId id_qt_unotice =
+       new PolicyQualifierId(id_qt + ".2");
+}

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyQualifierInfo.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyQualifierInfo.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyQualifierInfo.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/PolicyQualifierInfo.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,110 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.DEREncodable;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERIA5String;
+import org.apache.geronimo.util.asn1.DERObjectIdentifier;
+import org.apache.geronimo.util.asn1.DERSequence;
+
+/**
+ * Policy qualifiers, used in the X509V3 CertificatePolicies
+ * extension.
+ *
+ * <pre>
+ *   PolicyQualifierInfo ::= SEQUENCE {
+ *       policyQualifierId  PolicyQualifierId,
+ *       qualifier          ANY DEFINED BY policyQualifierId }
+ * </pre>
+ */
+public class PolicyQualifierInfo
+    extends ASN1Encodable
+{
+   DERObjectIdentifier policyQualifierId;
+   DEREncodable qualifier;
+
+   /**
+    * Creates a new <code>PolicyQualifierInfo</code> instance.
+    *
+    * @param policyQualifierId a <code>PolicyQualifierId</code> value
+    * @param qualifier the qualifier, defined by the above field.
+    */
+   public PolicyQualifierInfo (DERObjectIdentifier policyQualifierId,
+                               DEREncodable qualifier)
+   {
+      this.policyQualifierId = policyQualifierId;
+      this.qualifier = qualifier;
+   }
+
+   /**
+    * Creates a new <code>PolicyQualifierInfo</code> containing a
+    * cPSuri qualifier.
+    *
+    * @param cps the CPS (certification practice statement) uri as a
+    * <code>String</code>.
+    */
+   public PolicyQualifierInfo (String cps)
+   {
+      policyQualifierId = PolicyQualifierId.id_qt_cps;
+      qualifier = new DERIA5String (cps);
+   }
+
+   /**
+    * Creates a new <code>PolicyQualifierInfo</code> instance.
+    *
+    * @param as <code>PolicyQualifierInfo</code> X509 structure
+    * encoded as an ASN1Sequence.
+    */
+   public PolicyQualifierInfo (ASN1Sequence as)
+   {
+        policyQualifierId = (DERObjectIdentifier) as.getObjectAt(0);
+        qualifier = as.getObjectAt(1);
+    }
+
+   public static PolicyQualifierInfo getInstance (Object as)
+   {
+        if (as instanceof PolicyQualifierInfo)
+        {
+            return (PolicyQualifierInfo)as;
+        }
+        else if (as instanceof ASN1Sequence)
+        {
+            return new PolicyQualifierInfo((ASN1Sequence)as);
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance.");
+   }
+
+   /**
+    * Returns a DER-encodable representation of this instance.
+    *
+    * @return a <code>DERObject</code> value
+    */
+   public DERObject toASN1Object()
+   {
+      ASN1EncodableVector dev = new ASN1EncodableVector();
+      dev.add(policyQualifierId);
+      dev.add(qualifier);
+
+      return new DERSequence(dev);
+   }
+}
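Review bot: `PolicyQualifierInfo.getInstance(Object)` has no null branch, so a null argument falls through to `IllegalArgumentException("unknown object in getInstance.")`, whereas `ObjectDigestInfo`, `PolicyInformation` and `RSAPublicKeyStructure` in this same commit return null for null. `SubjectPublicKeyInfo.getInstance(Object)` has the same gap. Callers that pass an optional field through the factory will see different behaviour depending on the type. If null passthrough is the intended convention, the first test becomes `if (as == null || as instanceof PolicyQualifierInfo)`. Either way the message would be more useful with the offending class name appended, as `ObjectDigestInfo.getInstance` does.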

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/RSAPublicKeyStructure.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/RSAPublicKeyStructure.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/RSAPublicKeyStructure.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/RSAPublicKeyStructure.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,106 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1TaggedObject;
+import org.apache.geronimo.util.asn1.DERInteger;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERSequence;
+
+public class RSAPublicKeyStructure
+    extends ASN1Encodable
+{
+    private BigInteger  modulus;
+    private BigInteger  publicExponent;
+
+    public static RSAPublicKeyStructure getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static RSAPublicKeyStructure getInstance(
+        Object obj)
+    {
+        if(obj == null || obj instanceof RSAPublicKeyStructure)
+        {
+            return (RSAPublicKeyStructure)obj;
+        }
+
+        if(obj instanceof ASN1Sequence)
+        {
+            return new RSAPublicKeyStructure((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("Invalid RSAPublicKeyStructure: " + obj.getClass().getName());
+    }
+
+    public RSAPublicKeyStructure(
+        BigInteger  modulus,
+        BigInteger  publicExponent)
+    {
+        this.modulus = modulus;
+        this.publicExponent = publicExponent;
+    }
+
+    public RSAPublicKeyStructure(
+        ASN1Sequence  seq)
+    {
+        Enumeration e = seq.getObjects();
+
+        modulus = ((DERInteger)e.nextElement()).getPositiveValue();
+        publicExponent = ((DERInteger)e.nextElement()).getPositiveValue();
+    }
+
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    /**
+     * This outputs the key in PKCS1v2 format.
+     * <pre>
+     *      RSAPublicKey ::= SEQUENCE {
+     *                          modulus INTEGER, -- n
+     *                          publicExponent INTEGER, -- e
+     *                      }
+     * </pre>
+     * <p>
+     */
+    public DERObject toASN1Object()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(new DERInteger(getModulus()));
+        v.add(new DERInteger(getPublicExponent()));
+
+        return new DERSequence(v);
+    }
+}
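Review bot: The `RSAPublicKeyStructure(ASN1Sequence)` constructor reads both integers with `getPositiveValue()` without saying why, and the class has no Javadoc at all. If the intent is to tolerate encoders that omit the leading zero byte on the modulus (my reading, not stated in the hunk), a comment such as `// treat the INTEGER contents as unsigned: some encoders drop the leading 0x00 on n` would tell the next reader that a negative encoding is accepted on purpose. The ASN.1 in the `toASN1Object` Javadoc also has a trailing comma after `publicExponent INTEGER` and an empty `<p>`; both can go.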

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/ReasonFlags.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/ReasonFlags.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/ReasonFlags.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/ReasonFlags.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,102 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.DERBitString;
+
+/**
+ * The ReasonFlags object.
+ * <pre>
+ * ReasonFlags ::= BIT STRING {
+ *      unused                  (0),
+ *      keyCompromise           (1),
+ *      cACompromise            (2),
+ *      affiliationChanged      (3),
+ *      superseded              (4),
+ *      cessationOfOperation    (5),
+ *      certificateHold         (6),
+ *      privilegeWithdrawn      (7),
+ *      aACompromise            (8) }
+ * </pre>
+ */
+public class ReasonFlags
+    extends DERBitString
+{
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int UNUSED                  = (1 << 7);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int KEY_COMPROMISE          = (1 << 6);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CA_COMPROMISE           = (1 << 5);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int AFFILIATION_CHANGED     = (1 << 4);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int SUPERSEDED              = (1 << 3);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CESSATION_OF_OPERATION  = (1 << 2);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CERTIFICATE_HOLD        = (1 << 1);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int PRIVILEGE_WITHDRAWN     = (1 << 0);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int AA_COMPROMISE           = (1 << 15);
+
+    public static final int unused                  = (1 << 7);
+    public static final int keyCompromise           = (1 << 6);
+    public static final int cACompromise            = (1 << 5);
+    public static final int affiliationChanged      = (1 << 4);
+    public static final int superseded              = (1 << 3);
+    public static final int cessationOfOperation    = (1 << 2);
+    public static final int certificateHold         = (1 << 1);
+    public static final int privilegeWithdrawn      = (1 << 0);
+    public static final int aACompromise            = (1 << 15);
+
+    /**
+     * @param reasons - the bitwise OR of the Key Reason flags giving the
+     * allowed uses for the key.
+     */
+    public ReasonFlags(
+        int reasons)
+    {
+        super(getBytes(reasons), getPadBits(reasons));
+    }
+
+    public ReasonFlags(
+        DERBitString reasons)
+    {
+        super(reasons.getBytes(), reasons.getPadBits());
+    }
+}
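Review bot: The Javadoc on `ReasonFlags(int reasons)` describes the argument as flags "giving the allowed uses for the key", but the constants above it are CRL revocation reasons, so the text reads as if copied from a key-usage class. I would reword it to `@param reasons the bitwise OR of the reason constants defined in this class, e.g. keyCompromise | cACompromise`. The `@deprecated use lower case version` tags would also be easier to follow if each one linked its replacement, for example `@deprecated use {@link #keyCompromise}`.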

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/SubjectPublicKeyInfo.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/SubjectPublicKeyInfo.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/SubjectPublicKeyInfo.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/SubjectPublicKeyInfo.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,139 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.util.Enumeration;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.ASN1InputStream;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1TaggedObject;
+import org.apache.geronimo.util.asn1.DERBitString;
+import org.apache.geronimo.util.asn1.DEREncodable;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERSequence;
+
+/**
+ * The object that contains the public key stored in a certficate.
+ * <p>
+ * The getEncoded() method in the public keys in the JCE produces a DER
+ * encoded one of these.
+ */
+public class SubjectPublicKeyInfo
+    extends ASN1Encodable
+{
+    private AlgorithmIdentifier     algId;
+    private DERBitString            keyData;
+
+    public static SubjectPublicKeyInfo getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static SubjectPublicKeyInfo getInstance(
+        Object  obj)
+    {
+        if (obj instanceof SubjectPublicKeyInfo)
+        {
+            return (SubjectPublicKeyInfo)obj;
+        }
+        else if (obj instanceof ASN1Sequence)
+        {
+            return new SubjectPublicKeyInfo((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory");
+    }
+
+    public SubjectPublicKeyInfo(
+        AlgorithmIdentifier algId,
+        DEREncodable        publicKey)
+    {
+        this.keyData = new DERBitString(publicKey);
+        this.algId = algId;
+    }
+
+    public SubjectPublicKeyInfo(
+        AlgorithmIdentifier algId,
+        byte[]              publicKey)
+    {
+        this.keyData = new DERBitString(publicKey);
+        this.algId = algId;
+    }
+
+    public SubjectPublicKeyInfo(
+        ASN1Sequence  seq)
+    {
+        Enumeration         e = seq.getObjects();
+
+        this.algId = AlgorithmIdentifier.getInstance(e.nextElement());
+        this.keyData = (DERBitString)e.nextElement();
+    }
+
+    public AlgorithmIdentifier getAlgorithmId()
+    {
+        return algId;
+    }
+
+    /**
+     * for when the public key is an encoded object - if the bitstring
+     * can't be decoded this routine throws an IOException.
+     *
+     * @exception IOException - if the bit string doesn't represent a DER
+     * encoded object.
+     */
+    public DERObject getPublicKey()
+        throws IOException
+    {
+        ByteArrayInputStream    bIn = new ByteArrayInputStream(keyData.getBytes());
+        ASN1InputStream         aIn = new ASN1InputStream(bIn);
+
+        return aIn.readObject();
+    }
+
+    /**
+     * for when the public key is raw bits...
+     */
+    public DERBitString getPublicKeyData()
+    {
+        return keyData;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * SubjectPublicKeyInfo ::= SEQUENCE {
+     *                          algorithm AlgorithmIdentifier,
+     *                          publicKey BIT STRING }
+     * </pre>
+     */
+    public DERObject toASN1Object()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(algId);
+        v.add(keyData);
+
+        return new DERSequence(v);
+    }
+}
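Review bot: `getPublicKey()` returns the first object that `ASN1InputStream` reads from `keyData.getBytes()` and never looks at what follows, so a BIT STRING carrying extra bytes after a well-formed key is accepted as if it held only that key. Lenient handling of trailing data is a common source of disagreement between certificate parsers, so a strict reader should reject it. Assuming `ASN1InputStream` does not read ahead of the object it returns, storing the result and adding `if (bIn.available() != 0) throw new IOException("trailing data after public key");` before returning it would close the gap. The `keyData.getPadBits()` value is likewise not checked to be zero before the bytes are parsed.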

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/TBSCertList.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/TBSCertList.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/TBSCertList.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/TBSCertList.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,219 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1TaggedObject;
+import org.apache.geronimo.util.asn1.DERGeneralizedTime;
+import org.apache.geronimo.util.asn1.DERInteger;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERTaggedObject;
+import org.apache.geronimo.util.asn1.DERUTCTime;
+
+/**
+ * PKIX RFC-2459 - TBSCertList object.
+ * <pre>
+ * TBSCertList  ::=  SEQUENCE  {
+ *      version                 Version OPTIONAL,
+ *                                   -- if present, shall be v2
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      thisUpdate              Time,
+ *      nextUpdate              Time OPTIONAL,
+ *      revokedCertificates     SEQUENCE OF SEQUENCE  {
+ *           userCertificate         CertificateSerialNumber,
+ *           revocationDate          Time,
+ *           crlEntryExtensions      Extensions OPTIONAL
+ *                                         -- if present, shall be v2
+ *                                }  OPTIONAL,
+ *      crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
+ *                                         -- if present, shall be v2
+ *                                }
+ * </pre>
+ */
+public class TBSCertList
+    extends ASN1Encodable
+{
+    public class CRLEntry
+        extends ASN1Encodable
+    {
+        ASN1Sequence  seq;
+
+        DERInteger          userCertificate;
+        Time                revocationDate;
+        X509Extensions      crlEntryExtensions;
+
+        public CRLEntry(
+            ASN1Sequence  seq)
+        {
+            this.seq = seq;
+
+            userCertificate = (DERInteger)seq.getObjectAt(0);
+            revocationDate = Time.getInstance(seq.getObjectAt(1));
+            if (seq.size() == 3)
+            {
+                crlEntryExtensions = X509Extensions.getInstance(seq.getObjectAt(2));
+            }
+        }
+
+        public DERInteger getUserCertificate()
+        {
+            return userCertificate;
+        }
+
+        public Time getRevocationDate()
+        {
+            return revocationDate;
+        }
+
+        public X509Extensions getExtensions()
+        {
+            return crlEntryExtensions;
+        }
+
+        public DERObject toASN1Object()
+        {
+            return seq;
+        }
+    }
+
+    ASN1Sequence     seq;
+
+    DERInteger              version;
+    AlgorithmIdentifier     signature;
+    X509Name                issuer;
+    Time                    thisUpdate;
+    Time                    nextUpdate;
+    CRLEntry[]              revokedCertificates;
+    X509Extensions          crlExtensions;
+
+    public static TBSCertList getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static TBSCertList getInstance(
+        Object  obj)
+    {
+        if (obj instanceof TBSCertList)
+        {
+            return (TBSCertList)obj;
+        }
+        else if (obj instanceof ASN1Sequence)
+        {
+            return new TBSCertList((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory");
+    }
+
+    public TBSCertList(
+        ASN1Sequence  seq)
+    {
+        int seqPos = 0;
+
+        this.seq = seq;
+
+        if (seq.getObjectAt(seqPos) instanceof DERInteger)
+        {
+            version = (DERInteger)seq.getObjectAt(seqPos++);
+        }
+        else
+        {
+            version = new DERInteger(0);
+        }
+
+        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqPos++));
+        issuer = X509Name.getInstance(seq.getObjectAt(seqPos++));
+        thisUpdate = Time.getInstance(seq.getObjectAt(seqPos++));
+
+        if (seqPos < seq.size()
+            && (seq.getObjectAt(seqPos) instanceof DERUTCTime
+               || seq.getObjectAt(seqPos) instanceof DERGeneralizedTime
+               || seq.getObjectAt(seqPos) instanceof Time))
+        {
+            nextUpdate = Time.getInstance(seq.getObjectAt(seqPos++));
+        }
+
+        if (seqPos < seq.size()
+            && !(seq.getObjectAt(seqPos) instanceof DERTaggedObject))
+        {
+            ASN1Sequence certs = (ASN1Sequence)seq.getObjectAt(seqPos++);
+            revokedCertificates = new CRLEntry[certs.size()];
+
+            for ( int i = 0; i < revokedCertificates.length; i++)
+            {
+                revokedCertificates[i] = new CRLEntry((ASN1Sequence)certs.getObjectAt(i));
+            }
+        }
+
+        if (seqPos < seq.size()
+            && seq.getObjectAt(seqPos) instanceof DERTaggedObject)
+        {
+            crlExtensions = X509Extensions.getInstance(seq.getObjectAt(seqPos++));
+        }
+    }
+
+    public int getVersion()
+    {
+        return version.getValue().intValue() + 1;
+    }
+
+    public DERInteger getVersionNumber()
+    {
+        return version;
+    }
+
+    public AlgorithmIdentifier getSignature()
+    {
+        return signature;
+    }
+
+    public X509Name getIssuer()
+    {
+        return issuer;
+    }
+
+    public Time getThisUpdate()
+    {
+        return thisUpdate;
+    }
+
+    public Time getNextUpdate()
+    {
+        return nextUpdate;
+    }
+
+    public CRLEntry[] getRevokedCertificates()
+    {
+        return revokedCertificates;
+    }
+
+    public X509Extensions getExtensions()
+    {
+        return crlExtensions;
+    }
+
+    public DERObject toASN1Object()
+    {
+        return seq;
+    }
+}
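Review bot: The `TBSCertList(ASN1Sequence)` constructor never checks `seq.size()` before indexing, and it casts `seq.getObjectAt(seqPos++)` and each `certs.getObjectAt(i)` straight to `ASN1Sequence` (as `CRLEntry` does with `(DERInteger)seq.getObjectAt(0)`). A truncated or mistyped CRL therefore surfaces as a `ClassCastException` or, presumably, an index-out-of-bounds error, not the `IllegalArgumentException` that `getInstance(Object)` throws. CRLs are normally parsed from data obtained elsewhere, so callers need one predictable failure mode: a guard such as `if (seq.size() < 3 || seq.size() > 7) throw new IllegalArgumentException("Bad sequence size: " + seq.size());` at the top, plus `instanceof` checks before the casts, would give that. `getRevokedCertificates()` also returns `null` when the list is absent, which is worth stating in Javadoc because a revocation check that iterates the array would otherwise throw.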

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/TBSCertificateStructure.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/TBSCertificateStructure.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/TBSCertificateStructure.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/TBSCertificateStructure.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,210 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1TaggedObject;
+import org.apache.geronimo.util.asn1.DERBitString;
+import org.apache.geronimo.util.asn1.DERInteger;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERTaggedObject;
+import org.apache.geronimo.util.asn1.pkcs.PKCSObjectIdentifiers;
+
+/**
+ * The TBSCertificate object.
+ * <pre>
+ * TBSCertificate ::= SEQUENCE {
+ *      version          [ 0 ]  Version DEFAULT v1(0),
+ *      serialNumber            CertificateSerialNumber,
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      validity                Validity,
+ *      subject                 Name,
+ *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+ *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      extensions        [ 3 ] Extensions OPTIONAL
+ *      }
+ * </pre>
+ * <p>
+ * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
+ * will parse them, but you really shouldn't be creating new ones.
+ */
+public class TBSCertificateStructure
+    extends ASN1Encodable
+    implements X509ObjectIdentifiers, PKCSObjectIdentifiers
+{
+    ASN1Sequence            seq;
+
+    DERInteger              version;
+    DERInteger              serialNumber;
+    AlgorithmIdentifier     signature;
+    X509Name                issuer;
+    Time                    startDate, endDate;
+    X509Name                subject;
+    SubjectPublicKeyInfo    subjectPublicKeyInfo;
+    DERBitString            issuerUniqueId;
+    DERBitString            subjectUniqueId;
+    X509Extensions          extensions;
+
+    public static TBSCertificateStructure getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static TBSCertificateStructure getInstance(
+        Object  obj)
+    {
+        if (obj instanceof TBSCertificateStructure)
+        {
+            return (TBSCertificateStructure)obj;
+        }
+        else if (obj instanceof ASN1Sequence)
+        {
+            return new TBSCertificateStructure((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory");
+    }
+
+    public TBSCertificateStructure(
+        ASN1Sequence  seq)
+    {
+        int         seqStart = 0;
+
+        this.seq = seq;
+
+        //
+        // some certficates don't include a version number - we assume v1
+        //
+        if (seq.getObjectAt(0) instanceof DERTaggedObject)
+        {
+            version = DERInteger.getInstance(seq.getObjectAt(0));
+        }
+        else
+        {
+            seqStart = -1;          // field 0 is missing!
+            version = new DERInteger(0);
+        }
+
+        serialNumber = DERInteger.getInstance(seq.getObjectAt(seqStart + 1));
+
+        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
+        issuer = X509Name.getInstance(seq.getObjectAt(seqStart + 3));
+
+        //
+        // before and after dates
+        //
+        ASN1Sequence  dates = (ASN1Sequence)seq.getObjectAt(seqStart + 4);
+
+        startDate = Time.getInstance(dates.getObjectAt(0));
+        endDate = Time.getInstance(dates.getObjectAt(1));
+
+        subject = X509Name.getInstance(seq.getObjectAt(seqStart + 5));
+
+        //
+        // public key info.
+        //
+        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));
+
+        for (int extras = seq.size() - (seqStart + 6) - 1; extras > 0; extras--)
+        {
+            DERTaggedObject extra = (DERTaggedObject)seq.getObjectAt(seqStart + 6 + extras);
+
+            switch (extra.getTagNo())
+            {
+            case 1:
+                issuerUniqueId = DERBitString.getInstance(extra, false);
+                break;
+            case 2:
+                subjectUniqueId = DERBitString.getInstance(extra, false);
+                break;
+            case 3:
+                extensions = X509Extensions.getInstance(extra);
+            }
+        }
+    }
+
+    public int getVersion()
+    {
+        return version.getValue().intValue() + 1;
+    }
+
+    public DERInteger getVersionNumber()
+    {
+        return version;
+    }
+
+    public DERInteger getSerialNumber()
+    {
+        return serialNumber;
+    }
+
+    public AlgorithmIdentifier getSignature()
+    {
+        return signature;
+    }
+
+    public X509Name getIssuer()
+    {
+        return issuer;
+    }
+
+    public Time getStartDate()
+    {
+        return startDate;
+    }
+
+    public Time getEndDate()
+    {
+        return endDate;
+    }
+
+    public X509Name getSubject()
+    {
+        return subject;
+    }
+
+    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
+    {
+        return subjectPublicKeyInfo;
+    }
+
+    public DERBitString getIssuerUniqueId()
+    {
+        return issuerUniqueId;
+    }
+
+    public DERBitString getSubjectUniqueId()
+    {
+        return subjectUniqueId;
+    }
+
+    public X509Extensions getExtensions()
+    {
+        return extensions;
+    }
+
+    public DERObject toASN1Object()
+    {
+        return seq;
+    }
+}
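Review bot: In the trailing-fields loop of the constructor, `switch (extra.getTagNo())` has no `default`, so a tagged element numbered anything other than 1, 2 or 3 is ignored and a repeated tag silently replaces the value already stored. The parsed fields can then disagree with the `seq` that `toASN1Object()` returns. Adding `default: throw new IllegalArgumentException("unknown tag in TBSCertificate: " + extra.getTagNo());` and a `break` after `case 3` would make such input fail. The first branch also treats any `DERTaggedObject` at position 0 as the version without checking that its tag number is 0, and nothing ties `extensions` to a v3 version value. Those checks are left to callers, and a comment saying so would help.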

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/Time.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/Time.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/Time.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/Time.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,133 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import java.text.ParsePosition;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.SimpleTimeZone;
+
+import org.apache.geronimo.util.asn1.ASN1Choice;
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1TaggedObject;
+import org.apache.geronimo.util.asn1.DERGeneralizedTime;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERUTCTime;
+
+public class Time
+    extends ASN1Encodable
+    implements ASN1Choice
+{
+    DERObject   time;
+
+    public static Time getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(obj.getObject()); // must be explicitly tagged
+    }
+
+    public Time(
+        DERObject   time)
+    {
+        if (!(time instanceof DERUTCTime)
+            && !(time instanceof DERGeneralizedTime))
+        {
+            throw new IllegalArgumentException("unknown object passed to Time");
+        }
+
+        this.time = time;
+    }
+
+    /**
+     * creates a time object from a given date - if the date is between 1950
+     * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime
+     * is used.
+     */
+    public Time(
+        Date    date)
+    {
+        SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+
+        dateF.setTimeZone(tz);
+
+        String  d = dateF.format(date) + "Z";
+        int     year = Integer.parseInt(d.substring(0, 4));
+
+        if (year < 1950 || year > 2049)
+        {
+            time = new DERGeneralizedTime(d);
+        }
+        else
+        {
+            time = new DERUTCTime(d.substring(2));
+        }
+    }
+
+    public static Time getInstance(
+        Object  obj)
+    {
+        if (obj instanceof Time)
+        {
+            return (Time)obj;
+        }
+        else if (obj instanceof DERUTCTime)
+        {
+            return new Time((DERUTCTime)obj);
+        }
+        else if (obj instanceof DERGeneralizedTime)
+        {
+            return new Time((DERGeneralizedTime)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory");
+    }
+
+    public String getTime()
+    {
+        if (time instanceof DERUTCTime)
+        {
+            return ((DERUTCTime)time).getAdjustedTime();
+        }
+        else
+        {
+            return ((DERGeneralizedTime)time).getTime();
+        }
+    }
+
+    public Date getDate()
+    {
+        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+
+        return dateF.parse(this.getTime(), new ParsePosition(0));
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * Time ::= CHOICE {
+     *             utcTime        UTCTime,
+     *             generalTime    GeneralizedTime }
+     * </pre>
+     */
+    public DERObject toASN1Object()
+    {
+        return time;
+    }
+}
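Review bot: `getDate()` returns whatever `dateF.parse(this.getTime(), new ParsePosition(0))` yields, and that overload returns `null` on a string it cannot parse, so a malformed UTCTime or GeneralizedTime reaches validity comparisons as a `null` date. I'd fail explicitly: `Date d = dateF.parse(this.getTime(), new ParsePosition(0));` followed by `if (d == null) throw new IllegalStateException("invalid date string: " + this.getTime());`. Both `SimpleDateFormat` instances are also built with the default locale, so `Time(Date)` can emit a non-Gregorian year or non-ASCII digits on some JVM locales; passing an explicit locale would need a `java.util.Locale` import. Separately, `getInstance(ASN1TaggedObject, boolean)` ignores `explicit`; the inline comment explains why, but it belongs in Javadoc.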

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/UserNotice.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/UserNotice.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/UserNotice.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/UserNotice.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,120 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERSequence;
+
+/**
+ * <code>UserNotice</code> class, used in
+ * <code>CertificatePolicies</code> X509 extensions (in policy
+ * qualifiers).
+ * <pre>
+ * UserNotice ::= SEQUENCE {
+ *      noticeRef        NoticeReference OPTIONAL,
+ *      explicitText     DisplayText OPTIONAL}
+ *
+ * </pre>
+ *
+ * @see PolicyQualifierId
+ * @see PolicyInformation
+ */
+public class UserNotice
+    extends ASN1Encodable
+{
+    NoticeReference noticeRef;
+    DisplayText     explicitText;
+
+    /**
+     * Creates a new <code>UserNotice</code> instance.
+     *
+     * @param noticeRef a <code>NoticeReference</code> value
+     * @param explicitText a <code>DisplayText</code> value
+     */
+    public UserNotice(
+        NoticeReference noticeRef,
+        DisplayText explicitText)
+    {
+        this.noticeRef = noticeRef;
+        this.explicitText = explicitText;
+    }
+
+    /**
+     * Creates a new <code>UserNotice</code> instance.
+     *
+     * @param noticeRef a <code>NoticeReference</code> value
+     * @param str the explicitText field as a String.
+     */
+    public UserNotice(
+        NoticeReference noticeRef,
+        String str)
+    {
+        this.noticeRef = noticeRef;
+        this.explicitText = new DisplayText(str);
+    }
+
+   /**
+    * Creates a new <code>UserNotice</code> instance.
+    * <p>Useful from reconstructing a <code>UserNotice</code> instance
+    * from its encodable/encoded form.
+    *
+    * @param as an <code>ASN1Sequence</code> value obtained from either
+    * calling @{link toASN1Object()} for a <code>UserNotice</code>
+    * instance or from parsing it from a DER-encoded stream.
+    */
+   public UserNotice(
+       ASN1Sequence as)
+   {
+       if (as.size() == 2)
+       {
+           noticeRef = NoticeReference.getInstance(as.getObjectAt(0));
+           explicitText = DisplayText.getInstance(as.getObjectAt(1));
+       }
+       else if (as.size() == 1)
+       {
+           if (as.getObjectAt(0).getDERObject() instanceof ASN1Sequence)
+           {
+               noticeRef = NoticeReference.getInstance(as.getObjectAt(0));
+           }
+           else
+           {
+               explicitText = DisplayText.getInstance(as.getObjectAt(0));
+           }
+       }
+    }
+
+    public DERObject toASN1Object()
+    {
+        ASN1EncodableVector av = new ASN1EncodableVector();
+
+        if (noticeRef != null)
+        {
+            av.add(noticeRef);
+        }
+
+        if (explicitText != null)
+        {
+            av.add(explicitText);
+        }
+
+        return new DERSequence(av);
+    }
+}
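Review bot: The `UserNotice(ASN1Sequence)` constructor handles sizes 2 and 1 and silently does nothing otherwise, so a sequence with three or more elements yields an empty notice instead of an error. Both fields are OPTIONAL, so an empty sequence is legitimate and only larger sizes should be rejected: `else if (as.size() != 0) { throw new IllegalArgumentException("Bad sequence size: " + as.size()); }`. The Javadoc tag `@{link toASN1Object()}` is malformed and should read `{@link #toASN1Object()}`. This constructor is also indented by three spaces where the rest of the class uses four.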

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V1TBSCertificateGenerator.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V1TBSCertificateGenerator.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V1TBSCertificateGenerator.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V1TBSCertificateGenerator.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,142 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.DERInteger;
+import org.apache.geronimo.util.asn1.DERSequence;
+import org.apache.geronimo.util.asn1.DERTaggedObject;
+import org.apache.geronimo.util.asn1.DERUTCTime;
+
+/**
+ * Generator for Version 1 TBSCertificateStructures.
+ * <pre>
+ * TBSCertificate ::= SEQUENCE {
+ *      version          [ 0 ]  Version DEFAULT v1(0),
+ *      serialNumber            CertificateSerialNumber,
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      validity                Validity,
+ *      subject                 Name,
+ *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+ *      }
+ * </pre>
+ *
+ */
+public class V1TBSCertificateGenerator
+{
+    DERTaggedObject         version = new DERTaggedObject(0, new DERInteger(0));
+
+    DERInteger              serialNumber;
+    AlgorithmIdentifier     signature;
+    X509Name                issuer;
+    Time                    startDate, endDate;
+    X509Name                subject;
+    SubjectPublicKeyInfo    subjectPublicKeyInfo;
+
+    public V1TBSCertificateGenerator()
+    {
+    }
+
+    public void setSerialNumber(
+        DERInteger  serialNumber)
+    {
+        this.serialNumber = serialNumber;
+    }
+
+    public void setSignature(
+        AlgorithmIdentifier    signature)
+    {
+        this.signature = signature;
+    }
+
+    public void setIssuer(
+        X509Name    issuer)
+    {
+        this.issuer = issuer;
+    }
+
+    public void setStartDate(
+        Time startDate)
+    {
+        this.startDate = startDate;
+    }
+
+    public void setStartDate(
+        DERUTCTime startDate)
+    {
+        this.startDate = new Time(startDate);
+    }
+
+    public void setEndDate(
+        Time endDate)
+    {
+        this.endDate = endDate;
+    }
+
+    public void setEndDate(
+        DERUTCTime endDate)
+    {
+        this.endDate = new Time(endDate);
+    }
+
+    public void setSubject(
+        X509Name    subject)
+    {
+        this.subject = subject;
+    }
+
+    public void setSubjectPublicKeyInfo(
+        SubjectPublicKeyInfo    pubKeyInfo)
+    {
+        this.subjectPublicKeyInfo = pubKeyInfo;
+    }
+
+    public TBSCertificateStructure generateTBSCertificate()
+    {
+        if ((serialNumber == null) || (signature == null)
+            || (issuer == null) || (startDate == null) || (endDate == null)
+            || (subject == null) || (subjectPublicKeyInfo == null))
+        {
+            throw new IllegalStateException("not all mandatory fields set in V1 TBScertificate generator");
+        }
+
+        ASN1EncodableVector  seq = new ASN1EncodableVector();
+
+        // seq.add(version); - not required as default value.
+        seq.add(serialNumber);
+        seq.add(signature);
+        seq.add(issuer);
+
+        //
+        // before and after dates
+        //
+        ASN1EncodableVector  validity = new ASN1EncodableVector();
+
+        validity.add(startDate);
+        validity.add(endDate);
+
+        seq.add(new DERSequence(validity));
+
+        seq.add(subject);
+
+        seq.add(subjectPublicKeyInfo);
+
+        return new TBSCertificateStructure(new DERSequence(seq));
+    }
+}
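Review bot: The `version` field is initialised but never used: its only reference is the commented-out `// seq.add(version);` in `generateTBSCertificate()`, and it is the sole user of the `DERTaggedObject` import. I'd drop the field and keep a one-line comment saying the v1 default is omitted from the encoding. `generateTBSCertificate()` has no Javadoc, so the `IllegalStateException` thrown when a mandatory field is unset is undocumented; `@throws IllegalStateException if any of serialNumber, signature, issuer, startDate, endDate, subject or subjectPublicKeyInfo has not been set` would cover it. The generator also does not check that `startDate` precedes `endDate`, which may be intentional but is worth stating.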

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2AttributeCertificateInfoGenerator.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2AttributeCertificateInfoGenerator.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2AttributeCertificateInfoGenerator.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2AttributeCertificateInfoGenerator.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,163 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.DERInteger;
+import org.apache.geronimo.util.asn1.DERObjectIdentifier;
+import org.apache.geronimo.util.asn1.DERSequence;
+import org.apache.geronimo.util.asn1.DERGeneralizedTime;
+import org.apache.geronimo.util.asn1.DERBitString;
+import org.apache.geronimo.util.asn1.DERSet;
+
+/**
+ * Generator for Version 2 AttributeCertificateInfo
+ * <pre>
+ * AttributeCertificateInfo ::= SEQUENCE {
+ *       version              AttCertVersion -- version is v2,
+ *       holder               Holder,
+ *       issuer               AttCertIssuer,
+ *       signature            AlgorithmIdentifier,
+ *       serialNumber         CertificateSerialNumber,
+ *       attrCertValidityPeriod   AttCertValidityPeriod,
+ *       attributes           SEQUENCE OF Attribute,
+ *       issuerUniqueID       UniqueIdentifier OPTIONAL,
+ *       extensions           Extensions OPTIONAL
+ * }
+ * </pre>
+ *
+ */
+public class V2AttributeCertificateInfoGenerator
+{
+    private DERInteger version;
+    private Holder holder;
+    private AttCertIssuer issuer;
+    private AlgorithmIdentifier signature;
+    private DERInteger serialNumber;
+    private AttCertValidityPeriod attrCertValidityPeriod;
+    private ASN1EncodableVector attributes;
+    private DERBitString issuerUniqueID;
+    private X509Extensions extensions;
+    private DERGeneralizedTime startDate, endDate;
+
+    public V2AttributeCertificateInfoGenerator()
+    {
+        this.version = new DERInteger(1);
+        attributes = new ASN1EncodableVector();
+    }
+
+    public void setHolder(Holder holder)
+    {
+        this.holder = holder;
+    }
+
+    public void addAttribute(String oid, ASN1Encodable value)
+    {
+        attributes.add(new Attribute(new DERObjectIdentifier(oid), new DERSet(value)));
+    }
+
+    /**
+     * @param attribute
+     */
+    public void addAttribute(Attribute attribute)
+    {
+        attributes.add(attribute);
+    }
+
+    public void setSerialNumber(
+        DERInteger  serialNumber)
+    {
+        this.serialNumber = serialNumber;
+    }
+
+    public void setSignature(
+        AlgorithmIdentifier    signature)
+    {
+        this.signature = signature;
+    }
+
+    public void setIssuer(
+        AttCertIssuer    issuer)
+    {
+        this.issuer = issuer;
+    }
+
+    public void setStartDate(
+        DERGeneralizedTime startDate)
+    {
+        this.startDate = startDate;
+    }
+
+    public void setEndDate(
+        DERGeneralizedTime endDate)
+    {
+        this.endDate = endDate;
+    }
+
+    public void setIssuerUniqueID(
+        DERBitString    issuerUniqueID)
+    {
+        this.issuerUniqueID = issuerUniqueID;
+    }
+
+    public void setExtensions(
+        X509Extensions    extensions)
+    {
+        this.extensions = extensions;
+    }
+
+    public AttributeCertificateInfo generateAttributeCertificateInfo()
+    {
+        if ((serialNumber == null) || (signature == null)
+            || (issuer == null) || (startDate == null) || (endDate == null)
+            || (holder == null) || (attributes == null))
+        {
+            throw new IllegalStateException("not all mandatory fields set in V2 AttributeCertificateInfo generator");
+        }
+
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(holder);
+        v.add(issuer);
+        v.add(signature);
+        v.add(serialNumber);
+
+        //
+        // before and after dates => AttCertValidityPeriod
+        //
+        AttCertValidityPeriod validity = new AttCertValidityPeriod(startDate, endDate);
+        v.add(validity);
+
+        // Attributes
+        v.add(new DERSequence(attributes));
+
+        if (issuerUniqueID != null)
+        {
+            v.add(issuerUniqueID);
+        }
+
+        if (extensions != null)
+        {
+            v.add(extensions);
+        }
+
+        return new AttributeCertificateInfo(new DERSequence(v));
+    }
+}
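Review bot: In `generateAttributeCertificateInfo()` the `(attributes == null)` test can never be true, because the constructor assigns `attributes = new ASN1EncodableVector()` and nothing reassigns it, so a certificate with no attributes passes the mandatory-field check. If an empty attribute list is meant to be rejected, the test should look at the element count instead, for example `attributes.size() == 0`, assuming `ASN1EncodableVector` exposes `size()`, which this hunk does not show. The `attrCertValidityPeriod` field is never read or written, since the method builds a local `validity`. The Javadoc on `addAttribute(Attribute)` also has an empty `@param attribute`.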

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2Form.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2Form.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2Form.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2Form.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,137 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1TaggedObject;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERSequence;
+import org.apache.geronimo.util.asn1.DERTaggedObject;
+
+public class V2Form
+    extends ASN1Encodable
+{
+    GeneralNames        issuerName;
+    IssuerSerial        baseCertificateID;
+    ObjectDigestInfo    objectDigestInfo;
+
+    public static V2Form getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static V2Form getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof V2Form)
+        {
+            return (V2Form)obj;
+        }
+        else if (obj instanceof ASN1Sequence)
+        {
+            return new V2Form((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory");
+    }
+
+    public V2Form(
+        GeneralNames    issuerName)
+    {
+        this.issuerName = issuerName;
+    }
+
+    public V2Form(
+        ASN1Sequence seq)
+    {
+        int    index = 0;
+
+        if (!(seq.getObjectAt(0) instanceof ASN1TaggedObject))
+        {
+            index++;
+            this.issuerName = GeneralNames.getInstance(seq.getObjectAt(0));
+        }
+
+        for (int i = index; i != seq.size(); i++)
+        {
+            ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(i);
+            if (o.getTagNo() == 0)
+            {
+                baseCertificateID = IssuerSerial.getInstance(o, false);
+            }
+            else if (o.getTagNo() == 1)
+            {
+                objectDigestInfo = ObjectDigestInfo.getInstance(o, false);
+            }
+        }
+    }
+
+    public GeneralNames getIssuerName()
+    {
+        return issuerName;
+    }
+
+    public IssuerSerial getBaseCertificateID()
+    {
+        return baseCertificateID;
+    }
+
+    public ObjectDigestInfo getObjectDigestInfo()
+    {
+        return objectDigestInfo;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  V2Form ::= SEQUENCE {
+     *       issuerName            GeneralNames  OPTIONAL,
+     *       baseCertificateID     [0] IssuerSerial  OPTIONAL,
+     *       objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
+     *         -- issuerName MUST be present in this profile
+     *         -- baseCertificateID and objectDigestInfo MUST NOT
+     *         -- be present in this profile
+     *  }
+     * </pre>
+     */
+    public DERObject toASN1Object()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        if (issuerName != null)
+        {
+            v.add(issuerName);
+        }
+
+        if (baseCertificateID != null)
+        {
+            v.add(new DERTaggedObject(false, 0, baseCertificateID));
+        }
+
+        if (objectDigestInfo != null)
+        {
+            v.add(new DERTaggedObject(false, 1, objectDigestInfo));
+        }
+
+        return new DERSequence(v);
+    }
+}
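Review bot: The `V2Form(ASN1Sequence)` constructor is too lenient with malformed input: the loop casts every remaining element with `(ASN1TaggedObject)seq.getObjectAt(i)`, silently ignores any tag number other than 0 or 1, puts no bound on the sequence length, and lets an empty sequence reach `seq.getObjectAt(0)` unguarded. Because the sequence may come from decoded, externally supplied data, bad encodings should fail with the same `IllegalArgumentException` the factory method uses, not with a ClassCastException or silent acceptance. The sketch below adds a size bound, a guard on the first element, a type check before the cast and a rejecting `else` branch. The constructor's Javadoc should also say that the profile comment on `toASN1Object` (issuerName present, the other two absent) is not enforced when parsing.

```java
    public V2Form(
        ASN1Sequence seq)
    {
        if (seq.size() > 3)
        {
            throw new IllegalArgumentException("bad sequence size: " + seq.size());
        }

        int    index = 0;

        if (seq.size() != 0 && !(seq.getObjectAt(0) instanceof ASN1TaggedObject))
        // … unchanged: issuerName branch and loop header …
            if (!(seq.getObjectAt(i) instanceof ASN1TaggedObject))
            {
                throw new IllegalArgumentException("untagged element at position " + i);
            }
            // … unchanged: cast, tag 0 branch and tag 1 branch …
            else
            {
                throw new IllegalArgumentException("bad tag number: " + o.getTagNo());
            }
```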

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2TBSCertListGenerator.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2TBSCertListGenerator.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2TBSCertListGenerator.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V2TBSCertListGenerator.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,221 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Vector;
+
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.DERGeneralizedTime;
+import org.apache.geronimo.util.asn1.DERInteger;
+import org.apache.geronimo.util.asn1.DEROctetString;
+import org.apache.geronimo.util.asn1.DERSequence;
+import org.apache.geronimo.util.asn1.DERTaggedObject;
+import org.apache.geronimo.util.asn1.DERUTCTime;
+
+/**
+ * Generator for Version 2 TBSCertList structures.
+ * <pre>
+ *  TBSCertList  ::=  SEQUENCE  {
+ *       version                 Version OPTIONAL,
+ *                                    -- if present, shall be v2
+ *       signature               AlgorithmIdentifier,
+ *       issuer                  Name,
+ *       thisUpdate              Time,
+ *       nextUpdate              Time OPTIONAL,
+ *       revokedCertificates     SEQUENCE OF SEQUENCE  {
+ *            userCertificate         CertificateSerialNumber,
+ *            revocationDate          Time,
+ *            crlEntryExtensions      Extensions OPTIONAL
+ *                                          -- if present, shall be v2
+ *                                 }  OPTIONAL,
+ *       crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
+ *                                          -- if present, shall be v2
+ *                                 }
+ * </pre>
+ *
+ * <b>Note: This class may be subject to change</b>
+ */
+public class V2TBSCertListGenerator
+{
+    DERInteger version = new DERInteger(1);
+
+    AlgorithmIdentifier     signature;
+    X509Name                issuer;
+    Time                    thisUpdate, nextUpdate=null;
+    X509Extensions          extensions=null;
+    private Vector          crlentries=null;
+
+    public V2TBSCertListGenerator()
+    {
+    }
+
+
+    public void setSignature(
+        AlgorithmIdentifier    signature)
+    {
+        this.signature = signature;
+    }
+
+    public void setIssuer(
+        X509Name    issuer)
+    {
+        this.issuer = issuer;
+    }
+
+    public void setThisUpdate(
+        DERUTCTime thisUpdate)
+    {
+        this.thisUpdate = new Time(thisUpdate);
+    }
+
+    public void setNextUpdate(
+        DERUTCTime nextUpdate)
+    {
+        this.nextUpdate = new Time(nextUpdate);
+    }
+
+    public void setThisUpdate(
+        Time thisUpdate)
+    {
+        this.thisUpdate = thisUpdate;
+    }
+
+    public void setNextUpdate(
+        Time nextUpdate)
+    {
+        this.nextUpdate = nextUpdate;
+    }
+
+    public void addCRLEntry(
+        ASN1Sequence crlEntry)
+    {
+        if (crlentries == null)
+            crlentries = new Vector();
+        crlentries.addElement(crlEntry);
+    }
+
+    public void addCRLEntry(DERInteger userCertificate, DERUTCTime revocationDate, int reason)
+    {
+        addCRLEntry(userCertificate, new Time(revocationDate), reason);
+    }
+
+    public void addCRLEntry(DERInteger userCertificate, Time revocationDate, int reason)
+    {
+        addCRLEntry(userCertificate, revocationDate, reason, null);
+    }
+
+    public void addCRLEntry(DERInteger userCertificate, Time revocationDate, int reason, DERGeneralizedTime invalidityDate)
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(userCertificate);
+        v.add(revocationDate);
+
+        Vector extOids = new Vector();
+        Vector extValues = new Vector();
+
+        if (reason != 0)
+        {
+            CRLReason crlReason = new CRLReason(reason);
+
+            try
+            {
+                extOids.addElement(X509Extensions.ReasonCode);
+                extValues.addElement(new X509Extension(false, new DEROctetString(crlReason.getEncoded())));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("error encoding reason: " + e);
+            }
+        }
+
+        if (invalidityDate != null)
+        {
+            try
+            {
+                extOids.addElement(X509Extensions.InvalidityDate);
+                extValues.addElement(new X509Extension(false, new DEROctetString(invalidityDate.getEncoded())));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("error encoding invalidityDate: " + e);
+            }
+        }
+
+        if (extOids.size() != 0)
+        {
+            X509Extensions ex = new X509Extensions(extOids, extValues);
+            v.add(ex);
+        }
+
+        if (crlentries == null)
+        {
+            crlentries = new Vector();
+        }
+
+        crlentries.addElement(new DERSequence(v));
+    }
+
+    public void setExtensions(
+        X509Extensions    extensions)
+    {
+        this.extensions = extensions;
+    }
+
+    public TBSCertList generateTBSCertList()
+    {
+        if ((signature == null) || (issuer == null) || (thisUpdate == null))
+        {
+            throw new IllegalStateException("Not all mandatory fields set in V2 TBSCertList generator.");
+        }
+
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(signature);
+        v.add(issuer);
+
+        v.add(thisUpdate);
+        if (nextUpdate != null)
+        {
+            v.add(nextUpdate);
+        }
+
+        // Add CRLEntries if they exist
+        if (crlentries != null)
+        {
+            ASN1EncodableVector certs = new ASN1EncodableVector();
+            Enumeration it = crlentries.elements();
+            while( it.hasMoreElements() )
+            {
+                certs.add((ASN1Sequence)it.nextElement());
+            }
+            v.add(new DERSequence(certs));
+        }
+
+        if (extensions != null)
+        {
+            v.add(new DERTaggedObject(0, extensions));
+        }
+
+        return new TBSCertList(new DERSequence(v));
+    }
+}
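Review bot: `generateTBSCertList()` checks only `signature`, `issuer` and `thisUpdate`, so a list built without `setNextUpdate` is emitted with no `nextUpdate` field at all. The ASN.1 in the class comment allows that, but the PKIX CRL profile (RFC 5280, section 5.1.2.5) requires issuers to include it, and a relying party has no freshness bound on a list that lacks it. If the omission is meant to stay possible, state it on the method, for example `/** nextUpdate is optional here; callers issuing profile-conformant CRLs must call setNextUpdate first. */`. Separately, both `catch (IOException e)` blocks in the four-argument `addCRLEntry` fold the exception into the message string and lose its stack trace; calling `initCause(e)` on the new exception before throwing would keep it.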

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V3TBSCertificateGenerator.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V3TBSCertificateGenerator.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V3TBSCertificateGenerator.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/V3TBSCertificateGenerator.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,157 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1EncodableVector;
+import org.apache.geronimo.util.asn1.DERInteger;
+import org.apache.geronimo.util.asn1.DERSequence;
+import org.apache.geronimo.util.asn1.DERTaggedObject;
+import org.apache.geronimo.util.asn1.DERUTCTime;
+
+/**
+ * Generator for Version 3 TBSCertificateStructures.
+ * <pre>
+ * TBSCertificate ::= SEQUENCE {
+ *      version          [ 0 ]  Version DEFAULT v1(0),
+ *      serialNumber            CertificateSerialNumber,
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      validity                Validity,
+ *      subject                 Name,
+ *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+ *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      extensions        [ 3 ] Extensions OPTIONAL
+ *      }
+ * </pre>
+ *
+ */
+public class V3TBSCertificateGenerator
+{
+    DERTaggedObject         version = new DERTaggedObject(0, new DERInteger(2));
+
+    DERInteger              serialNumber;
+    AlgorithmIdentifier     signature;
+    X509Name                issuer;
+    Time                    startDate, endDate;
+    X509Name                subject;
+    SubjectPublicKeyInfo    subjectPublicKeyInfo;
+    X509Extensions          extensions;
+
+    public V3TBSCertificateGenerator()
+    {
+    }
+
+    public void setSerialNumber(
+        DERInteger  serialNumber)
+    {
+        this.serialNumber = serialNumber;
+    }
+
+    public void setSignature(
+        AlgorithmIdentifier    signature)
+    {
+        this.signature = signature;
+    }
+
+    public void setIssuer(
+        X509Name    issuer)
+    {
+        this.issuer = issuer;
+    }
+
+    public void setStartDate(
+        DERUTCTime startDate)
+    {
+        this.startDate = new Time(startDate);
+    }
+
+    public void setStartDate(
+        Time startDate)
+    {
+        this.startDate = startDate;
+    }
+
+    public void setEndDate(
+        DERUTCTime endDate)
+    {
+        this.endDate = new Time(endDate);
+    }
+
+    public void setEndDate(
+        Time endDate)
+    {
+        this.endDate = endDate;
+    }
+
+    public void setSubject(
+        X509Name    subject)
+    {
+        this.subject = subject;
+    }
+
+    public void setSubjectPublicKeyInfo(
+        SubjectPublicKeyInfo    pubKeyInfo)
+    {
+        this.subjectPublicKeyInfo = pubKeyInfo;
+    }
+
+    public void setExtensions(
+        X509Extensions    extensions)
+    {
+        this.extensions = extensions;
+    }
+
+    public TBSCertificateStructure generateTBSCertificate()
+    {
+        if ((serialNumber == null) || (signature == null)
+            || (issuer == null) || (startDate == null) || (endDate == null)
+            || (subject == null) || (subjectPublicKeyInfo == null))
+        {
+            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
+        }
+
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(serialNumber);
+        v.add(signature);
+        v.add(issuer);
+
+        //
+        // before and after dates
+        //
+        ASN1EncodableVector  validity = new ASN1EncodableVector();
+
+        validity.add(startDate);
+        validity.add(endDate);
+
+        v.add(new DERSequence(validity));
+
+        v.add(subject);
+
+        v.add(subjectPublicKeyInfo);
+
+        if (extensions != null)
+        {
+            v.add(new DERTaggedObject(3, extensions));
+        }
+
+        return new TBSCertificateStructure(new DERSequence(v));
+    }
+}
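Review bot: `generateTBSCertificate()` has no Javadoc, and the class comment lists `issuerUniqueID` and `subjectUniqueID` although the generator has no setters for them and never emits them. I would document the contract on the method, e.g. `/** Builds the TBSCertificate; throws IllegalStateException unless serial number, signature, issuer, both dates, subject and public key are set. Unique identifiers are not supported. */`. The same comment should state that the method only checks for presence: it does not compare `startDate` with `endDate` or constrain the serial number, so those checks remain with the caller.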

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509CertificateStructure.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509CertificateStructure.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509CertificateStructure.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509CertificateStructure.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,144 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1Encodable;
+import org.apache.geronimo.util.asn1.ASN1Sequence;
+import org.apache.geronimo.util.asn1.ASN1TaggedObject;
+import org.apache.geronimo.util.asn1.DERBitString;
+import org.apache.geronimo.util.asn1.DERInteger;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.pkcs.PKCSObjectIdentifiers;
+
+/**
+ * an X509Certificate structure.
+ * <pre>
+ *  Certificate ::= SEQUENCE {
+ *      tbsCertificate          TBSCertificate,
+ *      signatureAlgorithm      AlgorithmIdentifier,
+ *      signature               BIT STRING
+ *  }
+ * </pre>
+ */
+public class X509CertificateStructure
+    extends ASN1Encodable
+    implements X509ObjectIdentifiers, PKCSObjectIdentifiers
+{
+    ASN1Sequence  seq;
+    TBSCertificateStructure tbsCert;
+    AlgorithmIdentifier     sigAlgId;
+    DERBitString            sig;
+
+    public static X509CertificateStructure getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static X509CertificateStructure getInstance(
+        Object  obj)
+    {
+        if (obj instanceof X509CertificateStructure)
+        {
+            return (X509CertificateStructure)obj;
+        }
+        else if (obj instanceof ASN1Sequence)
+        {
+            return new X509CertificateStructure((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory");
+    }
+
+    public X509CertificateStructure(
+        ASN1Sequence  seq)
+    {
+        this.seq = seq;
+
+        //
+        // correct x509 certficate
+        //
+        if (seq.size() == 3)
+        {
+            tbsCert = TBSCertificateStructure.getInstance(seq.getObjectAt(0));
+            sigAlgId = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
+
+            sig = (DERBitString)seq.getObjectAt(2);
+        }
+        else
+        {
+            throw new IllegalArgumentException("sequence wrong size for a certificate");
+        }
+    }
+
+    public TBSCertificateStructure getTBSCertificate()
+    {
+        return tbsCert;
+    }
+
+    public int getVersion()
+    {
+        return tbsCert.getVersion();
+    }
+
+    public DERInteger getSerialNumber()
+    {
+        return tbsCert.getSerialNumber();
+    }
+
+    public X509Name getIssuer()
+    {
+        return tbsCert.getIssuer();
+    }
+
+    public Time getStartDate()
+    {
+        return tbsCert.getStartDate();
+    }
+
+    public Time getEndDate()
+    {
+        return tbsCert.getEndDate();
+    }
+
+    public X509Name getSubject()
+    {
+        return tbsCert.getSubject();
+    }
+
+    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
+    {
+        return tbsCert.getSubjectPublicKeyInfo();
+    }
+
+    public AlgorithmIdentifier getSignatureAlgorithm()
+    {
+        return sigAlgId;
+    }
+
+    public DERBitString getSignature()
+    {
+        return sig;
+    }
+
+    public DERObject toASN1Object()
+    {
+        return seq;
+    }
+}
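Review bot: In the `X509CertificateStructure(ASN1Sequence)` constructor the signature is taken with a raw cast, `sig = (DERBitString)seq.getObjectAt(2);`, so a three-element sequence whose last element is not a BIT STRING fails with a ClassCastException instead of the `IllegalArgumentException` used for the size check. Assuming this copy of `DERBitString` carries the usual `getInstance(Object)` factory, `sig = DERBitString.getInstance(seq.getObjectAt(2));` keeps error handling uniform for callers that parse certificates from untrusted sources. The class comment should also state that this type only decodes: nothing here verifies the signature or checks that `signatureAlgorithm` agrees with the algorithm identifier inside the TBSCertificate. Finally, `getInstance(Object)` rejects null where `V2Form.getInstance` in the same commit returns it, which is worth making consistent or documenting.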

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509DefaultEntryConverter.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509DefaultEntryConverter.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509DefaultEntryConverter.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509DefaultEntryConverter.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,74 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import java.io.IOException;
+
+import org.apache.geronimo.util.asn1.DERBMPString;
+import org.apache.geronimo.util.asn1.DERIA5String;
+import org.apache.geronimo.util.asn1.DERObject;
+import org.apache.geronimo.util.asn1.DERObjectIdentifier;
+import org.apache.geronimo.util.asn1.DERPrintableString;
+import org.apache.geronimo.util.asn1.DERUTF8String;
+
+/**
+ * The default converter for X509 DN entries when going from their
+ * string value to
+ */
+public class X509DefaultEntryConverter
+    extends X509NameEntryConverter
+{
+    /**
+     * Apply default coversion for the given value depending on the oid
+     * and the character range of the value.
+     *
+     * @param oid the object identifier for the DN entry
+     * @param value the value associated with it
+     * @return the ASN.1 equivalent for the string value.
+     */
+    public DERObject getConvertedValue(
+        DERObjectIdentifier  oid,
+        String               value)
+    {
+        if (value.length() != 0 && value.charAt(0) == '#')
+        {
+            try
+            {
+                return convertHexEncoded(value, 1);
+            }
+            catch (IOException e)
+            {
+                throw new RuntimeException("can't recode value for oid " + oid.getId());
+            }
+        }
+        else if (oid.equals(X509Name.EmailAddress))
+        {
+            return new DERIA5String(value);
+        }
+        else if (canBePrintable(value))
+        {
+            return new DERPrintableString(value);
+        }
+        else if (canBeUTF8(value))
+        {
+            return new DERUTF8String(value);
+        }
+
+        return new DERBMPString(value);
+    }
+}
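Review bot: The `catch (IOException e)` in `getConvertedValue` throws a new RuntimeException without the cause, so the reason the hex form was rejected is lost; pass it along with `throw new RuntimeException("can't recode value for oid " + oid.getId(), e);`. The Javadoc should also mention the first branch: a value starting with `#` is handed to `convertHexEncoded` (defined outside this hunk, presumably decoding the remainder as hex-encoded ASN.1), so the resulting ASN.1 type is chosen by the string's content, not by the oid. Callers that build DN entries from user-supplied text need that documented to decide whether a leading `#` should be escaped or refused. The class comment also stops mid-sentence at `string value to` and should be completed.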

Added: geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509Extension.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509Extension.java?rev=291352&view=auto
==============================================================================
--- geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509Extension.java (added)
+++ geronimo/trunk/modules/util/src/java/org/apache/geronimo/util/asn1/x509/X509Extension.java Sat Sep 24 17:31:10 2005
@@ -0,0 +1,81 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.util.asn1.x509;
+
+import org.apache.geronimo.util.asn1.ASN1OctetString;
+import org.apache.geronimo.util.asn1.DERBoolean;
+
+/**
+ * an object for the elements in the X.509 V3 extension block.
+ */
+public class X509Extension
+{
+    boolean             critical;
+    ASN1OctetString      value;
+
+    public X509Extension(
+        DERBoolean              critical,
+        ASN1OctetString         value)
+    {
+        this.critical = critical.isTrue();
+        this.value = value;
+    }
+
+    public X509Extension(
+        boolean                 critical,
+        ASN1OctetString         value)
+    {
+        this.critical = critical;
+        this.value = value;
+    }
+
+    public boolean isCritical()
+    {
+        return critical;
+    }
+
+    public ASN1OctetString getValue()
+    {
+        return value;
+    }
+
+    public int hashCode()
+    {
+        if (this.isCritical())
+        {
+            return this.getValue().hashCode();
+        }
+
+
+        return ~this.getValue().hashCode();
+    }
+
+    public boolean equals(
+        Object  o)
+    {
+        if (o == null || !(o instanceof X509Extension))
+        {
+            return false;
+        }
+
+        X509Extension   other = (X509Extension)o;
+
+        return other.getValue().equals(this.getValue())
+            && (other.isCritical() == this.isCritical());
+    }
+}
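Review bot: Both constructors store `value` without a null check, but `hashCode()` and `equals()` call `getValue().hashCode()` and `getValue().equals(...)` unconditionally, so an extension built with a null value fails later with a NullPointerException, far from the cause. Rejecting it at construction is easier to diagnose: `if (value == null) throw new IllegalArgumentException("extension value cannot be null");` in each constructor. The `o == null ||` test in `equals` is redundant, since `instanceof` is already false for null. The fields `critical` and `value` could also be declared `final`, because nothing in this hunk reassigns them after construction.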


