x509certificate.java

来自「This is a resource based on j2me embedde」· Java 代码 · 共 1,650 行 · 第 1/5 页

/*
 *    
 *
 * Copyright  1990-2007 Sun Microsystems, Inc. All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License version
 * 2 only, as published by the Free Software Foundation.
 * 
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License version 2 for more details (a copy is
 * included at /legal/license.txt).
 * 
 * You should have received a copy of the GNU General Public License
 * version 2 along with this work; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA
 * 
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
 * Clara, CA 95054 or visit www.sun.com if you need additional
 * information or have any questions.
 */

package com.sun.midp.pki;

import java.io.IOException;

import java.util.*;

import javax.microedition.pki.*;

import com.sun.midp.log.Logging;
import com.sun.midp.log.LogChannels;

import com.sun.midp.crypto.*;

/**
 * This class implements methods for creating X.509 certificates and
 * accessing their attributes such as subject/issuer names, public keys
 * and validity information. Publicly visible methods methods are 
 * modeled after those in the X509Certificate classes 
 * from J2SE (standard edition) but there are some differences and 
 * these are documented below. <P />
 * NOTE: For now, only X.509 certificates containing RSA public keys
 * and signed either using md2WithRSA, md5WithRSA, or sha-1WithRSA are
 * supported.
 * This version of the implementation is unable to parse certificates
 * containing DSA keys or signed using DSA. Certificates containing
 * RSA keys but signed using an unsupported algorithm
 * can be parsed but cannot be verified. Not all version 3 extensions are 
 * supported (only subjectAltName, basicConstraints, keyUsage and
 * extendedKeyUsage are recognized) but if an unrecognized
 * extension is marked critical, an error notification is generated. 
 * <P />
 */
public class X509Certificate implements Certificate {
    /** Indicates a no error condition. */
    public static final byte NO_ERROR  = 0;

    /**
     * Indicates that no information is available on
     * the pathLengthConstraint associated with this certificate
     * (this could happen if the certifiate is a v1 or v2 cert or
     * a v3 cert without basicConstraints or a non-CA v3 certificate).
     */
    public static final int MISSING_PATH_LENGTH_CONSTRAINT = -1;
    /** Indicates there is no limit to the server certificate chain length. */
    public static final int UNLIMITED_CERT_CHAIN_LENGTH = 65535;

    /** We expect issuer/subject names to fit within these many bytes. */
    private static final int MAX_NAME_LENGTH = 300;
    
    /** ASN ANY_STRING type used in certificate parsing (0x00). */
    private static final byte ANY_STRING_TYPE = 0x00; // our own impl
    // private static final byte BOOLEAN_TYPE  = 0x01 ?????
    /** ASN INTEGER type used in certificate parsing (0x02). */
    private static final byte INTEGER_TYPE    = 0x02;
    /** ASN BIT STRING type used in certificate parsing (0x03). */
    private static final byte BITSTRING_TYPE  = 0x03;
    /** ASN OCTET STRING type used in certificate parsing (0x04). */
    private static final byte OCTETSTR_TYPE   = 0x04;
    /** ASN OBJECT ID type used in certificate parsing (0x06). */
    private static final byte OID_TYPE        = 0x06;
    /** ASN UTF8 STRING type used in certificate parsing (0x0c). */
    private static final byte UTF8STR_TYPE    = 0x0c;
    /** ASN UNICODE STRING type used in certificate parsing (0x12). */
    private static final byte UNIVSTR_TYPE    = 0x12;
    /** ASN PRINT STRING type used in certificate parsing (0x13). */
    private static final byte PRINTSTR_TYPE   = 0x13;
    /** ASN TELETEX STRING type used in certificate parsing (0x14). */
    private static final byte TELETEXSTR_TYPE = 0x14;
    // private static final byte BMPSTR_TYPE     = 0x??
    /** ASN IA5 STRING type used in certificate parsing (0x16). */
    private static final byte IA5STR_TYPE     = 0x16;  // Used for EmailAddress
    /** ASN SEQUENCE type used in certificate parsing (0x30). */
    private static final byte SEQUENCE_TYPE   = 0x30;
    /** ASN SET type used in certificate parsing (0x31). */
    private static final byte SET_TYPE        = 0x31;

    /** Email address (rfc 822) alternative name type code. */
    public static final byte TYPE_EMAIL_ADDRESS = 1;
    /** DNS name alternative name type code. */
    public static final byte TYPE_DNS_NAME = 2;
    /** URI alternative name type code. */
    public static final byte TYPE_URI = 6;
    /** IP address alternative name type code. */
    public static final byte TYPE_IP_ADDRESS = 7;

    /** Bit mask for digital signature key usage.  */
    public static final int DIGITAL_SIG_KEY_USAGE = 0x00000001;
    /** Bit mask for non repudiation key usage. */
    public static final int NON_REPUDIATION_KEY_USAGE = 0x00000002;
    /** Bit mask for key encipherment key usage. */
    public static final int KEY_ENCIPHER_KEY_USAGE = 0x00000004;
    /** Bit mask for data encipherment key usage. */
    public static final int DATA_ENCIPHER_KEY_USAGE = 0x00000008;
    /** Bit mask for key agreement key usage. */
    public static final int KEY_AGREEMENT_KEY_USAGE = 0x00000010;
    /** Bit mask for key certificate sign key usage. */
    public static final int CERT_SIGN_KEY_USAGE = 0x00000020;
    /** Bit mask for CRL sign key usage. */
    public static final int CRL_SIGN_KEY_USAGE = 0x00000040;
    /** Bit mask for encipher only key usage. */
    public static final int ENCIPHER_ONLY_KEY_USAGE = 0x00000080;
    /** Bit mask for decipher only key usage. */
    public static final int DECIPHER_ONLY_KEY_USAGE = 0x00000100;

    /** Bit mask server auth for extended key usage. */
    public static final int SERVER_AUTH_EXT_KEY_USAGE = 0x00000002;
    /** Bit mask client auth for extended key usage. */
    public static final int CLIENT_AUTH_EXT_KEY_USAGE = 0x00000004;
    /** Bit code signing mask for extended key usage. */
    public static final int CODE_SIGN_EXT_KEY_USAGE = 0x00000008;
    /** Bit email protection mask for extended key usage. */
    public static final int EMAIL_EXT_KEY_USAGE = 0x00000010;
    /** Bit IPSEC end system mask for extended key usage. */
    public static final int IPSEC_END_SYS_EXT_KEY_USAGE = 0x00000020;
    /** Bit IPSEC tunnel mask for extended key usage. */
    public static final int IPSEC_TUNNEL_EXT_KEY_USAGE = 0x00000040;
    /** Bit IPSEC user mask for extended key usage. */
    public static final int IPSEC_USER_EXT_KEY_USAGE = 0x00000080;
    /** Bit time stamping mask for extended key usage. */
    public static final int TIME_STAMP_EXT_KEY_USAGE = 0x00000100;
    /** Bit mask OCSP for extended key usage. */
    public static final int OCSP_EXT_KEY_USAGE = 0x00000200;

    /**
     * The validity period is contained in thirteen bytes
     * yymmddhhmmss followed by 'Z' (for zulu ie GMT), if yy < 50
     * assume 20yy else 19yy.
     */
    private static final int UTC_LENGTH      = 13;

    /**
     * Maps byte codes that follow id-at (0x55 0x04) to corresponding name
     * component tags (e.g. Commom Name, or CN, is 0x55, 0x04, 0x03 and
     * Country, or C, is 0x55, 0x04, 0x06). See getName. See X.520 for
     * the OIDs and RFC 1779 for the printable labels. Place holders for
     * unknown labels have a 0 as the first char.
     */
    private static final char[][] nameAttr = {
        { 0 },
        { 0 },
        { 0 },
        { 'C', 'N' },                    // Common name: id-at 3
        { 'S', 'N'},                     // Surname: id-at 4
        { 0 },
        { 'C'},                          // Country: id-at 6
        { 'L'},                          // Locality: id-at 7
        { 'S', 'T'},                     // State or province: id-at 8
        { 'S', 'T', 'R', 'E', 'E', 'T'}, // Street address: id-at 9
        { 'O'},                          // Organization: id-at 10
        { 'O', 'U'},                     // Organization unit: id-at 11
    };

    /** Email attribute label in bytes. "EmailAddress" */
    private static final char[] EMAIL_ATTR_LABEL = {
        'E', 'm', 'a', 'i', 'l', 'A', 'd', 'd', 'r', 'e', 's', 's'
    };

    /** Email attribute object identifier. */
    private static final byte[] EMAIL_ATTR_OID = {
        (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7, 
        (byte)0x0d, (byte)0x01, (byte)0x09, (byte)0x01
    };

    /** Includes DER encoding for OID 1.2.840.113549.1.1. */
    private static final byte[] PKCS1Seq = {
        (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, 
        (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86,
        (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01,
    };
    
    /**
     * DSA OIDs: 1.2.840.10040.4.[1|3]
     * If the last digit is 1, this is "DSA Signature Keys" OID,
     * if 3 - the OID identifying id-dsa-with-sha1 signature algorithm.
     * "Start sequence" (0x30) and "sequence lenght" bytes are not included
     * in the array.
     */
    private static final byte[] DSASeq = {
        (byte) 0x06, (byte) 0x07, (byte) 0x2a, (byte) 0x86,
        (byte) 0x48, (byte) 0xce, (byte) 0x38, (byte) 0x04
    };

    /*
     * These signature algorithms are encoded as PKCS1Seq followed by
     * a single byte with the corresponding value shown below, e.g.
     * md5WithRSAEncryption OBJECT IDENTIFIER  ::=  { 
     *     iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
     *     pkcs-1(1) 4  
     * }
     */
    /** Unknown algorithm (-1). */
    private static final byte NONE           = -1;
    /** RAS ENCRYPTION (0x01). */
    private static final byte RSA_ENCRYPTION = 0x01;
    /** MD2_RSA algorithm (0x02). */
    private static final byte MD2_RSA        = 0x02;
    /** MD4_RSA algorithm (0x03). */
    private static final byte MD4_RSA        = 0x03;
    /** MD4_RSA algorithm (0x04). */
    private static final byte MD5_RSA        = 0x04;
    /** SHA1_RSA algorithm (0x05). */
    private static final byte SHA1_RSA       = 0x05;

    /** DSA algorithm mask. */
    private static final byte DSA_MASK       = (byte)0x80;

    /**
     * Expected prefix in decrypted value when MD2 hash is used for signing
     *  30 20 30 0c 06 08 2a 86 48 86 f7 0d 02 02 05 00 04 10 see verify().
     */
    private static final byte[] PREFIX_MD2 = {
        (byte) 0x30, (byte) 0x20, (byte) 0x30, (byte) 0x0c,
        (byte) 0x06, (byte) 0x08, (byte) 0x2a, (byte) 0x86,
        (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d,
        (byte) 0x02, (byte) 0x02, (byte) 0x05, (byte) 0x00, 
        (byte) 0x04, (byte) 0x10
    };
    
    /**
     * Expected prefix in decrypted value when MD5 hash is used for signing
     *  30 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 10 see verify().
     */
    private static final byte[] PREFIX_MD5 = {
        (byte) 0x30, (byte) 0x20, (byte) 0x30, (byte) 0x0c,
        (byte) 0x06, (byte) 0x08, (byte) 0x2a, (byte) 0x86,
        (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d,
        (byte) 0x02, (byte) 0x05, (byte) 0x05, (byte) 0x00, 
        (byte) 0x04, (byte) 0x10
    };

    /**
     * Expected prefix in decrypted value when SHA-1 hash is used for signing
     * 30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14.
     */
    private static final byte[] PREFIX_SHA1 = {
        (byte) 0x30, (byte) 0x21, (byte) 0x30, (byte) 0x09,
        (byte) 0x06, (byte) 0x05, (byte) 0x2b, (byte) 0x0e,
        (byte) 0x03, (byte) 0x02, (byte) 0x1a, (byte) 0x05,
        (byte) 0x00, (byte) 0x04, (byte) 0x14
    };
    
    /** ASN encoding for NULL. */
    private static final byte[] NullSeq = {
        (byte) 0x05, (byte) 0x00
    };

    /** This is how the encoding of validity information begins. */
    private static final byte[] ValiditySeq = {
        (byte) 0x30, (byte) 0x1e
    };
    
    /** This is how the encoding of UTCTime begins. */
    private static final byte[] UTCSeq = {
        (byte) 0x17, (byte) 0x0d
    };
    
    /** Includes DER encoding for id-kp (key purpose). */
    private static final byte[] ID_KP = {
        (byte) 0x2b, (byte) 0x06, (byte) 0x01, (byte) 0x05,
        (byte) 0x05, (byte) 0x07, (byte) 0x03
    };

    /** Includes DER encoding for id-pe-authorityInfoAccess. */
    private static final byte[] ID_AIA = {
        0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01
    };

    /** True if subject matches issuer. */
    private boolean selfSigned;
    /** X.509 version. For more readable code the version field starts a 1. */
    private byte version = 1;
    /** MD5 fingerprint of the certificate. */
    private byte[] fp = null;  
    /** Certificate serial number. */
    private String serialNumber;
    /** Certificate serial number represented as a byte array. */
    private byte[] serialNumberBytes;
    /** Certificate subject. */
    private String subject;
    /** Certificate issuer. */
    private String issuer;
    /** Beginning of certificate validity period. */
    private long from = 0; 
    /** End of certificate validity period. */
    private long until = 0;
    /** Certificate RSA Public key. */
    private RSAPublicKey pubKey = null;
    
    // The following fields are only meaningful in certificates created
    // by fully parsing the DER encoding. They are meaningless on
    // certificates created using the Certificate constructor below.
    /** Index inside encoding. */
    private int idx = 0; 
    /** Contains Certificate DER encoding. */
    private byte[] enc = null;
    /** Offset where TBSCertificate starts. */
    private int TBSStart = 0;
    /** Length of TBSCertificate. */
    private int TBSLen = 0;
    /** Algorithm used to sign the cert. */
    private byte sigAlg = NONE;
    /** Issuer signature on certificate. */
    private byte[] signature = null;
    /** Hash of TBSCertificate. */