Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/sun/security/pkcs/SigningCertificateInfo.java
38830 views
/*1* Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.pkcs;2627import java.io.IOException;28import java.util.ArrayList;2930import sun.misc.HexDumpEncoder;31import sun.security.util.DerInputStream;32import sun.security.util.DerValue;33import sun.security.x509.GeneralNames;34import sun.security.x509.SerialNumber;3536/**37* This class represents a signing certificate attribute.38* Its attribute value is defined by the following ASN.1 definition.39* <pre>40*41* id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1)42* member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)43* smime(16) id-aa(2) 12 }44*45* SigningCertificate ::= SEQUENCE {46* certs SEQUENCE OF ESSCertID,47* policies SEQUENCE OF PolicyInformation OPTIONAL48* }49*50* ESSCertID ::= SEQUENCE {51* certHash Hash,52* issuerSerial IssuerSerial OPTIONAL53* }54*55* Hash ::= OCTET STRING -- SHA1 hash of entire certificate56*57* IssuerSerial ::= SEQUENCE {58* issuer GeneralNames,59* serialNumber CertificateSerialNumber60* }61*62* PolicyInformation ::= SEQUENCE {63* policyIdentifier CertPolicyId,64* policyQualifiers SEQUENCE SIZE (1..MAX) OF65* PolicyQualifierInfo OPTIONAL }66*67* CertPolicyId ::= OBJECT IDENTIFIER68*69* PolicyQualifierInfo ::= SEQUENCE {70* policyQualifierId PolicyQualifierId,71* qualifier ANY DEFINED BY policyQualifierId }72*73* -- Implementations that recognize additional policy qualifiers MUST74* -- augment the following definition for PolicyQualifierId75*76* PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )77*78* </pre>79*80* @since 1.581* @author Vincent Ryan82*/83public class SigningCertificateInfo {8485private byte[] ber = null;8687private ESSCertId[] certId = null;8889public SigningCertificateInfo(byte[] ber) throws IOException {90parse(ber);91}9293public String toString() {94StringBuffer buffer = new StringBuffer();95buffer.append("[\n");96for (int i = 0; i < certId.length; i++) {97buffer.append(certId[i].toString());98}99// format policies as a string100buffer.append("\n]");101102return buffer.toString();103}104105public void parse(byte[] bytes) throws IOException {106107// Parse signingCertificate108DerValue derValue = new DerValue(bytes);109if (derValue.tag != DerValue.tag_Sequence) {110throw new IOException("Bad encoding for signingCertificate");111}112113// Parse certs114DerValue[] certs = derValue.data.getSequence(1);115certId = new ESSCertId[certs.length];116for (int i = 0; i < certs.length; i++) {117certId[i] = new ESSCertId(certs[i]);118}119120// Parse policies, if present121if (derValue.data.available() > 0) {122DerValue[] policies = derValue.data.getSequence(1);123for (int i = 0; i < policies.length; i++) {124// parse PolicyInformation125}126}127}128}129130class ESSCertId {131132private static volatile HexDumpEncoder hexDumper;133134private byte[] certHash;135private GeneralNames issuer;136private SerialNumber serialNumber;137138ESSCertId(DerValue certId) throws IOException {139// Parse certHash140certHash = certId.data.getDerValue().toByteArray();141142// Parse issuerSerial, if present143if (certId.data.available() > 0) {144DerValue issuerSerial = certId.data.getDerValue();145// Parse issuer146issuer = new GeneralNames(issuerSerial.data.getDerValue());147// Parse serialNumber148serialNumber = new SerialNumber(issuerSerial.data.getDerValue());149}150}151152public String toString() {153StringBuffer buffer = new StringBuffer();154buffer.append("[\n\tCertificate hash (SHA-1):\n");155if (hexDumper == null) {156hexDumper = new HexDumpEncoder();157}158buffer.append(hexDumper.encode(certHash));159if (issuer != null && serialNumber != null) {160buffer.append("\n\tIssuer: " + issuer + "\n");161buffer.append("\t" + serialNumber);162}163buffer.append("\n]");164return buffer.toString();165}166}167168169