001package org.apache.commons.ssl.org.bouncycastle.asn1.crmf;
002
003import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Encodable;
004import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1EncodableVector;
005import org.apache.commons.ssl.org.bouncycastle.asn1.ASN1Integer;
006import org.apache.commons.ssl.org.bouncycastle.asn1.DERBitString;
007import org.apache.commons.ssl.org.bouncycastle.asn1.DERSequence;
008import org.apache.commons.ssl.org.bouncycastle.asn1.DERTaggedObject;
009import org.apache.commons.ssl.org.bouncycastle.asn1.x500.X500Name;
010import org.apache.commons.ssl.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
011import org.apache.commons.ssl.org.bouncycastle.asn1.x509.Extensions;
012import org.apache.commons.ssl.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
013import org.apache.commons.ssl.org.bouncycastle.asn1.x509.X509Extensions;
014
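/**
 * Fluent builder for a CRMF {@link CertTemplate}.
 *
 * <p>Every field of the template is optional. A field that was never set, or
 * was set to {@code null}, is left out of the encoded SEQUENCE by
 * {@link #build()}.
 *
 * <p>The builder stores the references it is given and performs no validation
 * or defensive copying. It does not check which combination of fields is
 * present, so any policy on the template contents has to be enforced by the
 * caller and by whoever consumes the resulting template.
 *
 * <p>NOTE(review): RFC 4211 section 5 restricts which fields a certification
 * request may populate (for example it expects the unique identifiers to be
 * omitted); confirm against the profile in use, nothing here enforces it.
 *
 * <p>Instances hold plain mutable fields without synchronisation, and
 * {@link #build()} does not reset them: a reused builder carries its earlier
 * values into the next template.
 */
public class CertTemplateBuilder
{
    private ASN1Integer version;
    private ASN1Integer serialNumber;
    private AlgorithmIdentifier signingAlg;
    private X500Name issuer;
    private OptionalValidity validity;
    private X500Name subject;
    private SubjectPublicKeyInfo publicKey;
    private DERBitString issuerUID;
    private DERBitString subjectUID;
    private Extensions extensions;

    /**
     * Sets the X.509 version. Note: for X509v3, use 2 here.
     *
     * <p>The value is wrapped in an {@link ASN1Integer} as given; no range
     * check is applied.
     *
     * @param ver the encoded version number
     * @return this builder
     */
    public CertTemplateBuilder setVersion(int ver)
    {
        this.version = new ASN1Integer(ver);

        return this;
    }

    /**
     * Sets the certificate serial number field.
     *
     * @param ser the serial number, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setSerialNumber(ASN1Integer ser)
    {
        this.serialNumber = ser;

        return this;
    }

    /**
     * Sets the signing algorithm field.
     *
     * @param aid the algorithm identifier, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setSigningAlg(AlgorithmIdentifier aid)
    {
        this.signingAlg = aid;

        return this;
    }

    /**
     * Sets the issuer name field.
     *
     * @param name the issuer name, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setIssuer(X500Name name)
    {
        this.issuer = name;

        return this;
    }

    /**
     * Sets the validity field.
     *
     * @param v the validity, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setValidity(OptionalValidity v)
    {
        this.validity = v;

        return this;
    }

    /**
     * Sets the subject name field.
     *
     * @param name the subject name, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setSubject(X500Name name)
    {
        this.subject = name;

        return this;
    }

    /**
     * Sets the public key field.
     *
     * <p>The key structure is stored as supplied; nothing here checks the
     * algorithm or the key parameters.
     *
     * @param spki the subject public key info, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setPublicKey(SubjectPublicKeyInfo spki)
    {
        this.publicKey = spki;

        return this;
    }

    /**
     * Sets the issuer unique ID (deprecated in X.509v3).
     *
     * @param uid the issuer unique identifier, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setIssuerUID(DERBitString uid)
    {
        this.issuerUID = uid;

        return this;
    }

    /**
     * Sets the subject unique ID (deprecated in X.509v3).
     *
     * @param uid the subject unique identifier, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setSubjectUID(DERBitString uid)
    {
        this.subjectUID = uid;

        return this;
    }

    /**
     * Sets the extensions field from the legacy {@link X509Extensions} type.
     *
     * <p>The argument is converted with {@code Extensions.getInstance} and
     * handed to {@link #setExtensions(Extensions)}.
     *
     * @deprecated use {@link #setExtensions(Extensions)} instead
     * @param extens the extensions in their legacy representation
     * @return this builder
     */
    @Deprecated
    public CertTemplateBuilder setExtensions(X509Extensions extens)
    {
        return setExtensions(Extensions.getInstance(extens));
    }

    /**
     * Sets the extensions field.
     *
     * <p>The extensions are stored as supplied; the builder does not inspect
     * which extensions are present or how they are flagged.
     *
     * @param extens the extensions, or {@code null} to omit the field
     * @return this builder
     */
    public CertTemplateBuilder setExtensions(Extensions extens)
    {
        this.extensions = extens;

        return this;
    }

    /**
     * Encodes the fields set so far as a {@link CertTemplate}.
     *
     * <pre>
     *  CertTemplate ::= SEQUENCE {
     *      version      [0] Version               OPTIONAL,
     *      serialNumber [1] INTEGER               OPTIONAL,
     *      signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
     *      issuer       [3] Name                  OPTIONAL,
     *      validity     [4] OptionalValidity      OPTIONAL,
     *      subject      [5] Name                  OPTIONAL,
     *      publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
     *      issuerUID    [7] UniqueIdentifier      OPTIONAL,
     *      subjectUID   [8] UniqueIdentifier      OPTIONAL,
     *      extensions   [9] Extensions            OPTIONAL }
     * </pre>
     *
     * <p>Fields are appended in ascending tag order and unset fields are
     * skipped, so a builder with nothing set yields an empty SEQUENCE.
     *
     * @return a basic ASN.1 object representation.
     */
    public CertTemplate build()
    {
        ASN1EncodableVector fields = new ASN1EncodableVector();

        // Only issuer and subject are tagged explicitly: Name is an ASN.1
        // CHOICE. All other fields use implicit tags.
        addOptional(fields, 0, false, version);
        addOptional(fields, 1, false, serialNumber);
        addOptional(fields, 2, false, signingAlg);
        addOptional(fields, 3, true, issuer); // CHOICE
        addOptional(fields, 4, false, validity);
        addOptional(fields, 5, true, subject); // CHOICE
        addOptional(fields, 6, false, publicKey);
        addOptional(fields, 7, false, issuerUID);
        addOptional(fields, 8, false, subjectUID);
        addOptional(fields, 9, false, extensions);

        return CertTemplate.getInstance(new DERSequence(fields));
    }

    /**
     * Appends {@code obj} to {@code v} wrapped in a context tag, or does
     * nothing when {@code obj} is {@code null}.
     *
     * @param v          the vector collecting the SEQUENCE members
     * @param tagNo      the context tag number of the field
     * @param isExplicit {@code true} for explicit tagging, {@code false} for implicit
     * @param obj        the field value, possibly {@code null}
     */
    private void addOptional(ASN1EncodableVector v, int tagNo, boolean isExplicit, ASN1Encodable obj)
    {
        if (obj == null)
        {
            return;
        }

        v.add(new DERTaggedObject(isExplicit, tagNo, obj));
    }
}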