BJA-462 added support for V1 attribute certificates and holders.

author: David Hook <dgh@cryptoworkshop.com> 2013-10-28 09:56:54 +0400
committer: David Hook <dgh@cryptoworkshop.com> 2013-10-28 09:56:54 +0400
commit: 571a08bad62d72bab1cb89fa8c5e736db0e4dfa7 (patch)
tree: 1f0335380b7e645091fa1a26b9188375eafe63a3 /core/src/main/java/org/bouncycastle/asn1
parent: 01549532daacd2f4db4a99202990760de6eba0e4 (diff)
3 files changed, 35 insertions, 18 deletions
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificate.java b/core/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificate.java
index 92aa0f7b..73fe7b49 100644
--- a/core/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificate.java
+++ b/core/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificate.java
@@ -41,7 +41,10 @@ public class AttributeCertificate
         this.signatureAlgorithm = signatureAlgorithm;
         this.signatureValue = signatureValue;
     }
-    
+
+    /**
+     * @deprecated use getInstance() method.
+     */
     public AttributeCertificate(
         ASN1Sequence    seq)
     {
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java b/core/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java
index fb2a64c6..ae539f42 100644
--- a/core/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java
+++ b/core/src/main/java/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java
@@ -48,22 +48,33 @@ public class AttributeCertificateInfo
     private AttributeCertificateInfo(
         ASN1Sequence   seq)
     {
-        if (seq.size() < 7 || seq.size() > 9)
+        if (seq.size() < 6 || seq.size() > 9)
         {
             throw new IllegalArgumentException("Bad sequence size: " + seq.size());
         }
 
-        this.version = ASN1Integer.getInstance(seq.getObjectAt(0));
-        this.holder = Holder.getInstance(seq.getObjectAt(1));
-        this.issuer = AttCertIssuer.getInstance(seq.getObjectAt(2));
-        this.signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(3));
-        this.serialNumber = ASN1Integer.getInstance(seq.getObjectAt(4));
-        this.attrCertValidityPeriod = AttCertValidityPeriod.getInstance(seq.getObjectAt(5));
-        this.attributes = ASN1Sequence.getInstance(seq.getObjectAt(6));
+        int start;
+        if (seq.getObjectAt(0) instanceof ASN1Integer)   // in version 1 certs version is DEFAULT  v1(0)
+        {
+            this.version = ASN1Integer.getInstance(seq.getObjectAt(0));
+            start = 1;
+        }
+        else
+        {
+            this.version = new ASN1Integer(0);
+            start = 0;
+        }
+
+        this.holder = Holder.getInstance(seq.getObjectAt(start));
+        this.issuer = AttCertIssuer.getInstance(seq.getObjectAt(start + 1));
+        this.signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(start + 2));
+        this.serialNumber = ASN1Integer.getInstance(seq.getObjectAt(start + 3));
+        this.attrCertValidityPeriod = AttCertValidityPeriod.getInstance(seq.getObjectAt(start + 4));
+        this.attributes = ASN1Sequence.getInstance(seq.getObjectAt(start + 5));
         
-        for (int i = 7; i < seq.size(); i++)
+        for (int i = start + 6; i < seq.size(); i++)
         {
-            ASN1Encodable    obj = (ASN1Encodable)seq.getObjectAt(i);
+            ASN1Encodable    obj = seq.getObjectAt(i);
 
             if (obj instanceof DERBitString)
             {
@@ -143,7 +154,10 @@ public class AttributeCertificateInfo
     {
         ASN1EncodableVector  v = new ASN1EncodableVector();
 
-        v.add(version);
+        if (version.getValue().intValue() != 0)
+        {
+            v.add(version);
+        }
         v.add(holder);
         v.add(issuer);
         v.add(signature);
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/Holder.java b/core/src/main/java/org/bouncycastle/asn1/x509/Holder.java
index 6ae6e354..e854681f 100644
--- a/core/src/main/java/org/bouncycastle/asn1/x509/Holder.java
+++ b/core/src/main/java/org/bouncycastle/asn1/x509/Holder.java
@@ -31,9 +31,9 @@ import org.bouncycastle.asn1.DERTaggedObject;
  * 
  * <pre>
  *         subject CHOICE {
- *          baseCertificateID [0] IssuerSerial,
+ *          baseCertificateID [0] EXPLICIT IssuerSerial,
  *          -- associated with a Public Key Certificate
- *          subjectName [1] GeneralNames },
+ *          subjectName [1] EXPLICIT GeneralNames },
  *          -- associated with a name
  * </pre>
  */
@@ -79,10 +79,10 @@ public class Holder
         switch (tagObj.getTagNo())
         {
         case 0:
-            baseCertificateID = IssuerSerial.getInstance(tagObj, false);
+            baseCertificateID = IssuerSerial.getInstance(tagObj, true);
             break;
         case 1:
-            entityName = GeneralNames.getInstance(tagObj, false);
+            entityName = GeneralNames.getInstance(tagObj, true);
             break;
         default:
             throw new IllegalArgumentException("unknown tag in Holder");
@@ -234,11 +234,11 @@ public class Holder
         {
             if (entityName != null)
             {
-                return new DERTaggedObject(false, 1, entityName);
+                return new DERTaggedObject(true, 1, entityName);
             }
             else
             {
-                return new DERTaggedObject(false, 0, baseCertificateID);
+                return new DERTaggedObject(true, 0, baseCertificateID);
             }
         }
     }
author	David Hook <dgh@cryptoworkshop.com>	2013-10-28 09:56:54 +0400
committer	David Hook <dgh@cryptoworkshop.com>	2013-10-28 09:56:54 +0400
commit	571a08bad62d72bab1cb89fa8c5e736db0e4dfa7 (patch)
tree	1f0335380b7e645091fa1a26b9188375eafe63a3 /core/src/main/java/org/bouncycastle/asn1
parent	01549532daacd2f4db4a99202990760de6eba0e4 (diff)