Source for gnu.java.security.pkcs.SignerInfo

   1: /* SignerInfo.java -- a SignerInfo object, from PKCS #7
   2:    Copyright (C) 2004, 2005  Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version. */
  37: 
  38: package gnu.java.security.pkcs;
  39: 
  40: import gnu.java.security.OID;
  41: import gnu.java.security.ber.BER;
  42: import gnu.java.security.ber.BEREncodingException;
  43: import gnu.java.security.ber.BERReader;
  44: import gnu.java.security.ber.BERValue;
  45: import gnu.java.security.der.DERValue;
  46: 
  47: import java.io.IOException;
  48: 
  49: import java.math.BigInteger;
  50: 
  51: import javax.security.auth.x500.X500Principal;
  52: 
  53: public class SignerInfo
  54: {
  55:   private final BigInteger version;
  56:   private final BigInteger serialNumber;
  57:   private final X500Principal issuer;
  58:   private final OID digestAlgorithmId;
  59:   private final byte[] digestAlgorithmParams;
  60:   private final byte[] authenticatedAttributes;
  61:   private final OID digestEncryptionAlgorithmId;
  62:   private final byte[] digestEncryptionAlgorithmParams;
  63:   private final byte[] encryptedDigest;
  64:   private final byte[] unauthenticatedAttributes;
  65: 
  66:   private static final boolean DEBUG = false;
  67:   private static void debug(String msg)
  68:   {
  69:     System.err.print("SignerInfo >> ");
  70:     System.err.println(msg);
  71:   }
  72: 
  73:   /**
  74:    * Parse a SignerInfo object.
  75:    */
  76:   public SignerInfo(BERReader ber) throws IOException
  77:   {
  78:     DERValue val = ber.read();
  79:     if (DEBUG)
  80:       debug("SignerInfo: " + val);
  81:     if (!val.isConstructed())
  82:       throw new BEREncodingException("malformed SignerInfo");
  83: 
  84:     val = ber.read();
  85:     if (val.getTag() != BER.INTEGER)
  86:       throw new BEREncodingException("malformed Version");
  87:     version = (BigInteger) val.getValue();
  88: 
  89:     if (DEBUG)
  90:       debug("  Version: " + version);
  91: 
  92:     val = ber.read();
  93:     if (!val.isConstructed())
  94:       throw new BEREncodingException("malformed IssuerAndSerialNumber");
  95: 
  96:     if (DEBUG)
  97:       debug("  IssuerAndSerialNumber: " + val);
  98: 
  99:     val = ber.read();
 100:     if (!val.isConstructed())
 101:       throw new BEREncodingException("malformed Issuer");
 102:     issuer = new X500Principal(val.getEncoded());
 103:     ber.skip(val.getLength());
 104:     if (DEBUG)
 105:       debug("    Issuer: " + issuer);
 106: 
 107:     val = ber.read();
 108:     if (val.getTag() != BER.INTEGER)
 109:       throw new BEREncodingException("malformed SerialNumber");
 110:     serialNumber = (BigInteger) val.getValue();
 111:     if (DEBUG)
 112:       debug("    SerialNumber: " + serialNumber);
 113: 
 114:     val = ber.read();
 115:     if (!val.isConstructed())
 116:       throw new BEREncodingException("malformed DigestAlgorithmIdentifier");
 117:     if (DEBUG)
 118:       debug("  DigestAlgorithmIdentifier: " + val);
 119: 
 120:     int count = 0;
 121:     DERValue val2 = ber.read();
 122:     if (val2.getTag() != BER.OBJECT_IDENTIFIER)
 123:       throw new BEREncodingException("malformed AlgorithmIdentifier");
 124:     digestAlgorithmId = (OID) val2.getValue();
 125:     if (DEBUG)
 126:       debug("    OID: " + digestAlgorithmId);
 127: 
 128:     if (BERValue.isIndefinite(val))
 129:       {
 130:         val2 = ber.read();
 131:         if (val2 != BER.END_OF_SEQUENCE)
 132:           {
 133:             digestAlgorithmParams = val2.getEncoded();
 134:             val2 = ber.read();
 135:             if (val2 != BER.END_OF_SEQUENCE)
 136:               throw new BEREncodingException("expecting BER end-of-sequence");
 137:           }
 138:         else
 139:           digestAlgorithmParams = null;
 140:       }
 141:     else if (val2.getEncodedLength() < val.getLength())
 142:       {
 143:         val2 = ber.read();
 144:         digestAlgorithmParams = val2.getEncoded();
 145:         if (val2.isConstructed())
 146:           ber.skip(val2.getLength());
 147:       }
 148:     else
 149:       digestAlgorithmParams = null;
 150:     if(DEBUG)
 151:       debug("    params: " + (digestAlgorithmParams == null ? null
 152:                               : new BigInteger(digestAlgorithmParams).toString(16)));
 153: 
 154:     val = ber.read();
 155:     if (val.getTag() == 0)
 156:       {
 157:         authenticatedAttributes = val.getEncoded();
 158:         val = ber.read();
 159:         if (val.isConstructed())
 160:           ber.skip(val.getLength());
 161:         if (DEBUG)
 162:           debug("  AuthenticatedAttributes: " + val);
 163:         val = ber.read();
 164:       }
 165:     else
 166:       authenticatedAttributes = null;
 167: 
 168:     if (!val.isConstructed())
 169:       throw new BEREncodingException("malformed DigestEncryptionAlgorithmIdentifier");
 170:     if (DEBUG)
 171:       debug("  DigestEncryptionAlgorithmIdentifier: " + val);
 172:     count = 0;
 173:     val2 = ber.read();
 174:     if (val2.getTag() != BER.OBJECT_IDENTIFIER)
 175:       throw new BEREncodingException("malformed AlgorithmIdentifier");
 176:     digestEncryptionAlgorithmId = (OID) val2.getValue();
 177:     if (DEBUG)
 178:       debug("    OID: " + digestEncryptionAlgorithmId);
 179: 
 180:     if (BERValue.isIndefinite(val))
 181:       {
 182:         val2 = ber.read();
 183:         if (val2 != BER.END_OF_SEQUENCE)
 184:           {
 185:             digestEncryptionAlgorithmParams = val2.getEncoded();
 186:             val2 = ber.read();
 187:             if (val2 != BER.END_OF_SEQUENCE)
 188:               throw new BEREncodingException("expecting BER end-of-sequence");
 189:           }
 190:         else
 191:           digestEncryptionAlgorithmParams = null;
 192:       }
 193:     else if (val2.getEncodedLength() < val.getLength())
 194:       {
 195:         val2 = ber.read();
 196:         digestEncryptionAlgorithmParams = val2.getEncoded();
 197:         if (val2.isConstructed())
 198:           ber.skip(val2.getLength());
 199:       }
 200:     else
 201:       digestEncryptionAlgorithmParams = null;
 202:     if(DEBUG)
 203:       debug("    params: " + (digestEncryptionAlgorithmParams == null ? null
 204:                               : new BigInteger(digestEncryptionAlgorithmParams).toString(16)));
 205: 
 206:     val = ber.read();
 207:     if (val.getTag() != BER.OCTET_STRING)
 208:       throw new BEREncodingException("malformed EncryptedDigest");
 209:     encryptedDigest = (byte[]) val.getValue();
 210:     if (DEBUG)
 211:       debug("  EncryptedDigest: " + new BigInteger(1, encryptedDigest).toString(16));
 212: 
 213:     if (ber.peek() == 1)
 214:       unauthenticatedAttributes = ber.read().getEncoded();
 215:     else
 216:       unauthenticatedAttributes = null;
 217: 
 218:     if (ber.peek() == 0)
 219:       ber.read();
 220:   }
 221: 
 222:   public BigInteger getVersion()
 223:   {
 224:     return version;
 225:   }
 226: 
 227:   public BigInteger getSerialNumber()
 228:   {
 229:     return serialNumber;
 230:   }
 231: 
 232:   public X500Principal getIssuer()
 233:   {
 234:     return issuer;
 235:   }
 236: 
 237:   public OID getDigestAlgorithmId()
 238:   {
 239:     return digestAlgorithmId;
 240:   }
 241: 
 242:   public byte[] getDigestAlgorithmParams()
 243:   {
 244:     return (digestAlgorithmParams != null
 245:             ? (byte[]) digestAlgorithmParams.clone()
 246:             : null);
 247:   }
 248: 
 249:   public byte[] getAuthenticatedAttributes()
 250:   {
 251:     return (authenticatedAttributes != null
 252:             ? (byte[]) authenticatedAttributes.clone()
 253:             : null);
 254:   }
 255: 
 256:   public OID getDigestEncryptionAlgorithmId()
 257:   {
 258:     return digestEncryptionAlgorithmId;
 259:   }
 260: 
 261:   public byte[] getDigestEncryptionAlgorithmParams()
 262:   {
 263:     return (digestEncryptionAlgorithmParams != null
 264:             ? (byte[]) digestEncryptionAlgorithmParams.clone()
 265:             : null);
 266:   }
 267: 
 268:   public byte[] getEncryptedDigest()
 269:   {
 270:     return (encryptedDigest != null ? (byte[]) encryptedDigest.clone() : null);
 271:   }
 272: 
 273:   public byte[] getUnauthenticatedAttributes()
 274:   {
 275:     return (unauthenticatedAttributes != null
 276:             ? (byte[]) unauthenticatedAttributes.clone()
 277:             : null);
 278:   }
 279: }