38: package ;
39:
40: import ;
41: import ;
42: import ;
43: import ;
44: import ;
45: import ;
46: import ;
47: import ;
48: import ;
49: import ;
50:
51: import ;
52: import ;
53: import ;
54: import ;
55: import ;
56: import ;
57:
58: import ;
59:
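/**
 * Immutable holder for one signer entry of a signed-data structure. The field
 * names follow the PKCS #7 <code>SignerInfo</code> layout: version, issuer and
 * serial number, digest algorithm, optional authenticated attributes, digest
 * encryption (signature) algorithm, encrypted digest and optional
 * unauthenticated attributes.
 *
 * <p>This class only carries the parsed values. It performs no signature
 * verification and places no restriction on which algorithms the two OIDs
 * name; code that verifies signatures must apply its own algorithm policy to
 * {@link #getDigestAlgorithmId()} and {@link #getDigestEncryptionAlgorithmId()}.
 *
 * <p>Byte arrays passed to the value constructor are copied on the way in and
 * every byte-array getter returns a copy, so callers cannot alter the stored
 * attributes or digest after construction.
 */
public class SignerInfo
{
  private static final Logger log = Logger.getLogger(SignerInfo.class.getName());

  private final BigInteger version;
  private final BigInteger serialNumber;
  private final X500Principal issuer;
  private final OID digestAlgorithmId;
  private final byte[] digestAlgorithmParams;
  private final byte[] authenticatedAttributes;
  private final OID digestEncryptionAlgorithmId;
  private final byte[] digestEncryptionAlgorithmParams;
  private final byte[] encryptedDigest;
  private final byte[] unauthenticatedAttributes;

  /**
   * Parses a SignerInfo from the given BER reader.
   *
   * <p>Each element is checked only for its tag or constructed flag before it
   * is stored; the version number and the algorithm OIDs are accepted as read.
   * The input should be treated as untrusted: a structurally valid SignerInfo
   * says nothing about whether its signature is valid or its algorithms are
   * acceptable.
   *
   * @param ber the reader positioned at the start of the SignerInfo.
   * @throws BEREncodingException if an element has an unexpected tag or form.
   * @throws IOException if reading from the underlying stream fails.
   */
  public SignerInfo(BERReader ber) throws IOException
  {
    DERValue val = ber.read();
    if (Configuration.DEBUG)
      log.fine("SignerInfo: " + val);
    if (!val.isConstructed())
      throw new BEREncodingException("malformed SignerInfo");

    val = ber.read();
    if (val.getTag() != BER.INTEGER)
      throw new BEREncodingException("malformed Version");

    version = (BigInteger) val.getValue();
    // Guarded like every other trace line in this constructor, so the string
    // concatenation is skipped when debugging is compiled out.
    if (Configuration.DEBUG)
      log.fine(" Version: " + version);

    val = ber.read();
    if (!val.isConstructed())
      throw new BEREncodingException("malformed IssuerAndSerialNumber");
    if (Configuration.DEBUG)
      log.fine(" IssuerAndSerialNumber: " + val);

    val = ber.read();
    if (!val.isConstructed())
      throw new BEREncodingException("malformed Issuer");

    // The issuer name is rebuilt from the element's encoded bytes, then the
    // reader is advanced past the element's content.
    issuer = new X500Principal(val.getEncoded());
    ber.skip(val.getLength());
    if (Configuration.DEBUG)
      log.fine(" Issuer: " + issuer);

    val = ber.read();
    if (val.getTag() != BER.INTEGER)
      throw new BEREncodingException("malformed SerialNumber");

    serialNumber = (BigInteger) val.getValue();
    if (Configuration.DEBUG)
      log.fine(" SerialNumber: " + serialNumber);

    val = ber.read();
    if (!val.isConstructed())
      throw new BEREncodingException("malformed DigestAlgorithmIdentifier");
    if (Configuration.DEBUG)
      log.fine(" DigestAlgorithmIdentifier: " + val);

    DERValue val2 = ber.read();
    if (val2.getTag() != BER.OBJECT_IDENTIFIER)
      throw new BEREncodingException("malformed AlgorithmIdentifier");

    digestAlgorithmId = (OID) val2.getValue();
    if (Configuration.DEBUG)
      log.fine(" digestAlgorithm OID: " + digestAlgorithmId);

    digestAlgorithmParams = readAlgorithmParams(ber, val, val2);

    if (Configuration.DEBUG)
      {
        log.fine(" digestAlgorithm params: ");
        log.fine(Util.dumpString(digestAlgorithmParams,
                                 " digestAlgorithm params: "));
      }

    val = ber.read();
    if (val.getTag() == 0)
      {
        authenticatedAttributes = val.getEncoded();
        // NOTE(review): only one nested value is read and skipped here before
        // the next top-level element is read; confirm against BERReader that
        // this is correct for an attribute set holding several attributes.
        val = ber.read();
        if (val.isConstructed())
          ber.skip(val.getLength());

        val = ber.read();
      }
    else
      authenticatedAttributes = null;

    if (Configuration.DEBUG)
      {
        log.fine(" AuthenticatedAttributes: ");
        log.fine(Util.dumpString(authenticatedAttributes,
                                 " AuthenticatedAttributes: "));
      }

    if (!val.isConstructed())
      throw new BEREncodingException("malformed DigestEncryptionAlgorithmIdentifier");
    if (Configuration.DEBUG)
      log.fine(" DigestEncryptionAlgorithmIdentifier: " + val);

    val2 = ber.read();
    if (val2.getTag() != BER.OBJECT_IDENTIFIER)
      throw new BEREncodingException("malformed AlgorithmIdentifier");

    digestEncryptionAlgorithmId = (OID) val2.getValue();
    if (Configuration.DEBUG)
      log.fine(" digestEncryptionAlgorithm OID: " + digestEncryptionAlgorithmId);

    digestEncryptionAlgorithmParams = readAlgorithmParams(ber, val, val2);

    if (Configuration.DEBUG)
      {
        log.fine(" digestEncryptionAlgorithm params: ");
        log.fine(Util.dumpString(digestEncryptionAlgorithmParams,
                                 " digestEncryptionAlgorithm params: "));
      }

    val = ber.read();
    if (val.getTag() != BER.OCTET_STRING)
      throw new BEREncodingException("malformed EncryptedDigest");

    encryptedDigest = (byte[]) val.getValue();
    if (Configuration.DEBUG)
      {
        log.fine(" EncryptedDigest: ");
        log.fine(Util.dumpString(encryptedDigest, " EncryptedDigest: "));
      }

    // NOTE(review): the peeked value is compared with the bare numbers 1 and 0
    // below; presumably 1 is the context tag of the unauthenticated attributes
    // and 0 an end-of-contents marker. Confirm what BERReader.peek() returns
    // for a constructed context-specific tag.
    if (ber.peek() == 1)
      unauthenticatedAttributes = ber.read().getEncoded();
    else
      unauthenticatedAttributes = null;

    if (Configuration.DEBUG)
      {
        log.fine(" UnauthenticatedAttributes: ");
        log.fine(Util.dumpString(unauthenticatedAttributes,
                                 " UnauthenticatedAttributes: "));
      }

    if (ber.peek() == 0)
      ber.read();
  }

  /**
   * Builds a version 1 SignerInfo from already-computed values. Both
   * algorithm parameter fields are set to <code>null</code>.
   *
   * <p>The three byte arrays are copied, so later changes made by the caller
   * to the arrays it passed in do not reach this object.
   *
   * @param issuer the issuer name of the signer's certificate.
   * @param serialNumber the serial number of the signer's certificate.
   * @param digestAlgorithmOID the OID of the digest algorithm.
   * @param authenticatedAttributes the encoded authenticated attributes, or
   *          <code>null</code>.
   * @param digestEncryptionAlgorithmOID the OID of the digest encryption
   *          algorithm.
   * @param encryptedDigest the encrypted digest (signature) bytes.
   * @param unauthenticatedAttributes the encoded unauthenticated attributes,
   *          or <code>null</code>.
   */
  public SignerInfo(X500Principal issuer, BigInteger serialNumber,
                    OID digestAlgorithmOID, byte[] authenticatedAttributes,
                    OID digestEncryptionAlgorithmOID,
                    byte[] encryptedDigest, byte[] unauthenticatedAttributes)
  {
    this.version = BigInteger.ONE;
    this.issuer = issuer;
    this.serialNumber = serialNumber;
    this.digestAlgorithmId = digestAlgorithmOID;
    this.digestAlgorithmParams = null;
    this.authenticatedAttributes = copyOf(authenticatedAttributes);
    this.digestEncryptionAlgorithmId = digestEncryptionAlgorithmOID;
    this.digestEncryptionAlgorithmParams = null;
    this.encryptedDigest = copyOf(encryptedDigest);
    this.unauthenticatedAttributes = copyOf(unauthenticatedAttributes);
  }

  /** @return the version number of this SignerInfo. */
  public BigInteger getVersion()
  {
    return version;
  }

  /** @return the serial number of the signer's certificate. */
  public BigInteger getSerialNumber()
  {
    return serialNumber;
  }

  /** @return the issuer name of the signer's certificate. */
  public X500Principal getIssuer()
  {
    return issuer;
  }

  /** @return the OID of the digest algorithm, as read or supplied. */
  public OID getDigestAlgorithmId()
  {
    return digestAlgorithmId;
  }

  /** @return a copy of the digest algorithm parameters, or <code>null</code>. */
  public byte[] getDigestAlgorithmParams()
  {
    return copyOf(digestAlgorithmParams);
  }

  /** @return a copy of the authenticated attributes, or <code>null</code>. */
  public byte[] getAuthenticatedAttributes()
  {
    return copyOf(authenticatedAttributes);
  }

  /** @return the OID of the digest encryption algorithm, as read or supplied. */
  public OID getDigestEncryptionAlgorithmId()
  {
    return digestEncryptionAlgorithmId;
  }

  /**
   * @return a copy of the digest encryption algorithm parameters, or
   *         <code>null</code>.
   */
  public byte[] getDigestEncryptionAlgorithmParams()
  {
    return copyOf(digestEncryptionAlgorithmParams);
  }

  /** @return a copy of the encrypted digest, or <code>null</code>. */
  public byte[] getEncryptedDigest()
  {
    return copyOf(encryptedDigest);
  }

  /** @return a copy of the unauthenticated attributes, or <code>null</code>. */
  public byte[] getUnauthenticatedAttributes()
  {
    return copyOf(unauthenticatedAttributes);
  }

  /**
   * Writes this SignerInfo to the given stream as a DER SEQUENCE holding, in
   * order: the version, the issuer and serial number, the digest algorithm
   * identifier, the digest encryption algorithm identifier and the encrypted
   * digest.
   *
   * <p>NOTE(review): the authenticated and unauthenticated attributes are NOT
   * written, and neither are the algorithm parameters (each algorithm
   * identifier is emitted with its OID only). A SignerInfo that was parsed
   * with authenticated attributes therefore does not survive a round trip
   * through this method. In PKCS #7 the signature covers the authenticated
   * attributes when they are present, so the output is presumably not
   * verifiable for such inputs; confirm before using this method to
   * re-serialise parsed data.
   *
   * @param out the stream to write the encoding to.
   * @throws IOException if encoding or writing fails.
   */
  public void encode(OutputStream out) throws IOException
  {
    DERValue derVersion = new DERValue(DER.INTEGER, version);

    // IssuerAndSerialNumber: the issuer's own encoding followed by the serial
    // number, wrapped by hand into a SEQUENCE of pre-encoded bytes.
    ByteArrayOutputStream baos = new ByteArrayOutputStream(4096);
    baos.write(issuer.getEncoded());
    DERValue derSerialNumber = new DERValue(DER.INTEGER, serialNumber);
    DERWriter.write(baos, derSerialNumber);
    baos.flush();
    byte[] b = baos.toByteArray();
    DERValue derIssuerAndSerialNumber =
      new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, b.length, b, null);

    DERValue derDigestAlgorithmOID = new DERValue(DER.OBJECT_IDENTIFIER,
                                                  digestAlgorithmId);
    ArrayList digestAlgorithmIdentifier = new ArrayList(1);
    digestAlgorithmIdentifier.add(derDigestAlgorithmOID);
    DERValue derDigestAlgorithmIdentifier =
      new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, digestAlgorithmIdentifier);

    // NOTE(review): built but never added to the signerInfo list below, so it
    // has no effect on the output. Kept as in the original.
    DERValue derAuthenticatedAttributes;
    if (authenticatedAttributes == null)
      derAuthenticatedAttributes = new DERValue(DER.NULL, null);
    else
      derAuthenticatedAttributes = new DERValue(DER.CONSTRUCTED | DER.SET,
                                                authenticatedAttributes);

    DERValue derDigestEncryptionAlgorithmOID =
      new DERValue(DER.OBJECT_IDENTIFIER, digestEncryptionAlgorithmId);
    ArrayList digestEncryptionAlgorithmIdentifier = new ArrayList(1);
    digestEncryptionAlgorithmIdentifier.add(derDigestEncryptionAlgorithmOID);
    DERValue derDigestEncryptionAlgorithmIdentifier =
      new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, digestEncryptionAlgorithmIdentifier);

    DERValue derEncryptedDigest = new DERValue(DER.OCTET_STRING, encryptedDigest);

    // NOTE(review): likewise built but never added to the signerInfo list.
    DERValue derUnauthenticatedAttributes;
    if (unauthenticatedAttributes == null)
      derUnauthenticatedAttributes = new DERValue(DER.NULL, null);
    else
      derUnauthenticatedAttributes = new DERValue(DER.CONSTRUCTED | DER.SET,
                                                  unauthenticatedAttributes);

    ArrayList signerInfo = new ArrayList(5);
    signerInfo.add(derVersion);
    signerInfo.add(derIssuerAndSerialNumber);
    signerInfo.add(derDigestAlgorithmIdentifier);
    signerInfo.add(derDigestEncryptionAlgorithmIdentifier);
    signerInfo.add(derEncryptedDigest);
    DERValue derSignerInfo = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
                                          signerInfo);
    DERWriter.write(out, derSignerInfo);
  }

  /**
   * Reads the optional parameters that may follow the OID inside an
   * AlgorithmIdentifier. Shared by the digest and digest-encryption branches
   * of the parsing constructor, which previously duplicated this logic.
   *
   * @param ber the reader, positioned just after the OID.
   * @param sequence the enclosing AlgorithmIdentifier element.
   * @param oid the OID element already read from that sequence.
   * @return the encoded parameters, or <code>null</code> if there are none.
   * @throws BEREncodingException if an indefinite-length sequence is not
   *           closed right after its parameters.
   * @throws IOException if reading from the underlying stream fails.
   */
  private static byte[] readAlgorithmParams(BERReader ber, DERValue sequence,
                                            DERValue oid)
    throws IOException
  {
    if (BERValue.isIndefinite(sequence))
      {
        // Indefinite form: the next element is either the terminator or the
        // parameters, which must then be followed by the terminator.
        DERValue next = ber.read();
        if (next == BER.END_OF_SEQUENCE)
          return null;

        byte[] params = next.getEncoded();
        next = ber.read();
        if (next != BER.END_OF_SEQUENCE)
          throw new BEREncodingException("expecting BER end-of-sequence");
        return params;
      }

    // Definite form: parameters exist only if the OID does not already fill
    // the whole sequence.
    if (oid.getEncodedLength() < sequence.getLength())
      {
        DERValue next = ber.read();
        byte[] params = next.getEncoded();
        if (next.isConstructed())
          ber.skip(next.getLength());
        return params;
      }

    return null;
  }

  /**
   * Returns a copy of the given array, or <code>null</code> for
   * <code>null</code>.
   */
  private static byte[] copyOf(byte[] bytes)
  {
    return bytes != null ? (byte[]) bytes.clone() : null;
  }
}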