/**
*
* Copyright 2003-2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.geronimo.util.asn1.x509;
import java.io.IOException;
import java.util.Enumeration;
import java.util.Vector;
import org.apache.geronimo.util.asn1.ASN1EncodableVector;
import org.apache.geronimo.util.asn1.ASN1Sequence;
import org.apache.geronimo.util.asn1.DERGeneralizedTime;
import org.apache.geronimo.util.asn1.DERInteger;
import org.apache.geronimo.util.asn1.DEROctetString;
import org.apache.geronimo.util.asn1.DERSequence;
import org.apache.geronimo.util.asn1.DERTaggedObject;
import org.apache.geronimo.util.asn1.DERUTCTime;
/**
* Generator for Version 2 TBSCertList structures.
* <pre>
* TBSCertList ::= SEQUENCE {
* version Version OPTIONAL,
* -- if present, shall be v2
* signature AlgorithmIdentifier,
* issuer Name,
* thisUpdate Time,
* nextUpdate Time OPTIONAL,
* revokedCertificates SEQUENCE OF SEQUENCE {
* userCertificate CertificateSerialNumber,
* revocationDate Time,
* crlEntryExtensions Extensions OPTIONAL
* -- if present, shall be v2
* } OPTIONAL,
* crlExtensions [0] EXPLICIT Extensions OPTIONAL
* -- if present, shall be v2
* }
* </pre>
*
* <b>Note: This class may be subject to change</b>
*/
public class V2TBSCertListGenerator
{
DERInteger version = new DERInteger(1);
AlgorithmIdentifier signature;
X509Name issuer;
Time thisUpdate, nextUpdate=null;
X509Extensions extensions=null;
private Vector crlentries=null;
public V2TBSCertListGenerator()
{
}
public void setSignature(
AlgorithmIdentifier signature)
{
this.signature = signature;
}
public void setIssuer(
X509Name issuer)
{
this.issuer = issuer;
}
public void setThisUpdate(
DERUTCTime thisUpdate)
{
this.thisUpdate = new Time(thisUpdate);
}
public void setNextUpdate(
DERUTCTime nextUpdate)
{
this.nextUpdate = new Time(nextUpdate);
}
public void setThisUpdate(
Time thisUpdate)
{
this.thisUpdate = thisUpdate;
}
public void setNextUpdate(
Time nextUpdate)
{
this.nextUpdate = nextUpdate;
}
public void addCRLEntry(
ASN1Sequence crlEntry)
{
if (crlentries == null)
crlentries = new Vector();
crlentries.addElement(crlEntry);
}
public void addCRLEntry(DERInteger userCertificate, DERUTCTime revocationDate, int reason)
{
addCRLEntry(userCertificate, new Time(revocationDate), reason);
}
public void addCRLEntry(DERInteger userCertificate, Time revocationDate, int reason)
{
addCRLEntry(userCertificate, revocationDate, reason, null);
}
public void addCRLEntry(DERInteger userCertificate, Time revocationDate, int reason, DERGeneralizedTime invalidityDate)
{
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(userCertificate);
v.add(revocationDate);
Vector extOids = new Vector();
Vector extValues = new Vector();
if (reason != 0)
{
CRLReason crlReason = new CRLReason(reason);
try
{
extOids.addElement(X509Extensions.ReasonCode);
extValues.addElement(new X509Extension(false, new DEROctetString(crlReason.getEncoded())));
}
catch (IOException e)
{
throw new IllegalArgumentException("error encoding reason: " + e);
}
}
if (invalidityDate != null)
{
try
{
extOids.addElement(X509Extensions.InvalidityDate);
extValues.addElement(new X509Extension(false, new DEROctetString(invalidityDate.getEncoded())));
}
catch (IOException e)
{
throw new IllegalArgumentException("error encoding invalidityDate: " + e);
}
}
if (extOids.size() != 0)
{
X509Extensions ex = new X509Extensions(extOids, extValues);
v.add(ex);
}
if (crlentries == null)
{
crlentries = new Vector();
}
crlentries.addElement(new DERSequence(v));
}
public void setExtensions(
X509Extensions extensions)
{
this.extensions = extensions;
}
public TBSCertList generateTBSCertList()
{
if ((signature == null) || (issuer == null) || (thisUpdate == null))
{
throw new IllegalStateException("Not all mandatory fields set in V2 TBSCertList generator.");
}
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(version);
v.add(signature);
v.add(issuer);
v.add(thisUpdate);
if (nextUpdate != null)
{
v.add(nextUpdate);
}
// Add CRLEntries if they exist
if (crlentries != null)
{
ASN1EncodableVector certs = new ASN1EncodableVector();
Enumeration it = crlentries.elements();
while( it.hasMoreElements() )
{
certs.add((ASN1Sequence)it.nextElement());
}
v.add(new DERSequence(certs));
}
if (extensions != null)
{
v.add(new DERTaggedObject(0, extensions));
}
return new TBSCertList(new DERSequence(v));
}
}