author | Yuuta Liang <yuutaw@students.cs.ubc.ca> | 2023-10-12 12:10:33 +0800 |
---|---|---|
committer | Yuuta Liang <yuutaw@students.cs.ubc.ca> | 2023-10-12 12:10:33 +0800 |
commit | d342a45d98c4795b3a3fe1aaef5236ad4a782b55 (patch) | |
tree | f4ebc0ad962b138d9371413fcc71c97a559df506 /src/main/model/pki/cert/Validity.java | |
parent | e60c9c76243cfe0a408af98dc60bedb973e815db (diff) | |
Implement data structures from X.680, X.501, X.509, and PKCS#10, with X.690 encoding / decoding support
The implementation took four days, and it is still a little bit rough. An updated version should arrive soon.
Signed-off-by: Yuuta Liang <yuutaw@students.cs.ubc.ca>
Diffstat (limited to 'src/main/model/pki/cert/Validity.java')
-rw-r--r-- | src/main/model/pki/cert/Validity.java | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/src/main/model/pki/cert/Validity.java b/src/main/model/pki/cert/Validity.java
new file mode 100644
index 0000000..76279ed
--- /dev/null
+++ b/src/main/model/pki/cert/Validity.java
@@ -0,0 +1,95 @@
+package model.pki.cert;
+
+import model.asn1.*;
+import model.asn1.exceptions.ParseException;
+import model.asn1.parsing.BytesReader;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.stream.Stream;
+
+/**
+ * Represents the following ASN.1 structure:
+ * <pre>
+ * Validity ::= SEQUENCE {
+ * notBefore Time,
+ * notAfter Time,
+ * ...
+ * }
+ *
+ * Time ::= CHOICE {
+ * utcTime UTCTime,
+ * generalizedTime GeneralizedTime
+ * }
+ * </pre>
+ * It describes the validity period of the certificate.
+ */
+public class Validity extends ASN1Object {
+ /**
+ * The certificate is not valid before that time.
+ */
+ private final ASN1Time notBefore;
+
+ /**
+ * The certificate is not valid after that time.
+ */
+ private final ASN1Time notAfter;
+
+ /**
+ * EFFECTS: Init with the given tag, parentTag, notBefore, and notAfter. For more info on tag and parentTag, see
+ * {@link ASN1Object}.
+ * REQUIRES: notBefore and notAfter are either UTCTime or GeneralizedTime.
+ */
+ public Validity(Tag tag, Tag parentTag,
+ ASN1Time notBefore, ASN1Time notAfter) {
+ super(tag, parentTag);
+ this.notBefore = notBefore;
+ this.notAfter = notAfter;
+ }
+
+ /**
+ * EFFECTS: Parse input DER.
+ * Throws {@link ASN1Object} if invalid:
+ * - Any fields missing (info, algorithm, signature)
+ * - Any fields having an incorrect tag (as seen in the ASN.1 definition)
+ * - Any fields with encoding instructions that violate implicit / explicit encoding rules
+ * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object})
+ * MODIFIES: this, encoded
+ */
+ public Validity(BytesReader encoded, boolean hasParentTag) throws ParseException {
+ super(encoded, hasParentTag);
+ if (encoded.detectTag(GeneralizedTime.TAG)) {
+ this.notBefore = new GeneralizedTime(encoded, false);
+ this.notBefore.getTag().enforce(GeneralizedTime.TAG);
+ } else {
+ this.notBefore = new UtcTime(encoded, false);
+ this.notBefore.getTag().enforce(UtcTime.TAG);
+ }
+ if (encoded.detectTag(GeneralizedTime.TAG)) {
+ this.notAfter = new GeneralizedTime(encoded, false);
+ this.notAfter.getTag().enforce(GeneralizedTime.TAG);
+ } else {
+ this.notAfter = new UtcTime(encoded, false);
+ this.notAfter.getTag().enforce(UtcTime.TAG);
+ }
+ }
+
+ /**
+ * EFFECTS: Encode into ordered DER.
+ */
+ @Override
+ public Byte[] encodeValueDER() {
+ return Stream.of(Arrays.asList(notBefore.encodeDER()),
+ Arrays.asList(notAfter.encodeDER()))
+ .flatMap(Collection::stream)
+ .toArray(Byte[]::new);
+ }
+
+ public ASN1Time getNotBefore() {
+ return notBefore;
+ }
+
+ public ASN1Time getNotAfter() {
+ return notAfter;
+ }
+}
 |
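Review bot: Neither constructor checks that notBefore is not later than notAfter, so the parsing constructor `Validity(BytesReader, boolean)` accepts an inverted validity window from untrusted DER and leaves detecting it to every caller. If ASN1Time exposes a comparable timestamp (not visible in this file), reject the inverted case with a ParseException right after the second time is read; otherwise state it in the class Javadoc, e.g. `* Ordering of notBefore and notAfter is not checked here; callers must verify it.` The same constructor's Javadoc appears to be copied from another structure and should read `Throws {@link ParseException} if invalid:` and `- Any fields missing (notBefore, notAfter)`. In both `else` branches the UtcTime is constructed before `enforce(UtcTime.TAG)` runs, so an element of any other type is parsed as UTCTime before its tag is rejected; checking the tag first would keep the error precise.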