1 /*
2 * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26
27 package sun.security.pkcs10;
28
29 import java.io.PrintStream;
30 import java.io.IOException;
31 import java.math.BigInteger;
32
33 import java.security.cert.CertificateException;
34 import java.security.NoSuchAlgorithmException;
35 import java.security.InvalidKeyException;
36 import java.security.Signature;
37 import java.security.SignatureException;
38 import java.security.PublicKey;
39
40 import java.util.Base64;
41
42 import sun.security.util.*;
43 import sun.security.x509.AlgorithmId;
44 import sun.security.x509.X509Key;
45 import sun.security.x509.X500Name;
46
47 /**
48 * A PKCS #10 certificate request is created and sent to a Certificate
49 * Authority, which then creates an X.509 certificate and returns it to
50 * the entity that requested it. A certificate request basically consists
51 * of the subject's X.500 name, public key, and optionally some attributes,
52 * signed using the corresponding private key.
53 *
54 * The ASN.1 syntax for a Certification Request is:
55 * <pre>
56 * CertificationRequest ::= SEQUENCE {
57 * certificationRequestInfo CertificationRequestInfo,
58 * signatureAlgorithm SignatureAlgorithmIdentifier,
59 * signature Signature
60 * }
61 *
62 * SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
63 * Signature ::= BIT STRING
64 *
65 * CertificationRequestInfo ::= SEQUENCE {
66 * version Version,
67 * subject Name,
68 * subjectPublicKeyInfo SubjectPublicKeyInfo,
69 * attributes [0] IMPLICIT Attributes
70 * }
71 * Attributes ::= SET OF Attribute
72 * </pre>
73 *
74 * @author David Brownell
75 * @author Amit Kapoor
76 * @author Hemma Prafullchandra
77 */
78 public class PKCS10 {
79 /**
80 * Constructs an unsigned PKCS #10 certificate request. Before this
81 * request may be used, it must be encoded and signed. Then it
82 * must be retrieved in some conventional format (e.g. string).
83 *
84 * @param publicKey the public key that should be placed
85 * into the certificate generated by the CA.
86 */
87 public PKCS10(PublicKey publicKey) {
88 subjectPublicKeyInfo = publicKey;
89 attributeSet = new PKCS10Attributes();
90 }
91
92 /**
93 * Constructs an unsigned PKCS #10 certificate request. Before this
94 * request may be used, it must be encoded and signed. Then it
95 * must be retrieved in some conventional format (e.g. string).
96 *
97 * @param publicKey the public key that should be placed
98 * into the certificate generated by the CA.
99 * @param attributes additonal set of PKCS10 attributes requested
100 * for in the certificate.
101 */
102 public PKCS10(PublicKey publicKey, PKCS10Attributes attributes) {
103 subjectPublicKeyInfo = publicKey;
104 attributeSet = attributes;
105 }
106
107 /**
108 * Parses an encoded, signed PKCS #10 certificate request, verifying
109 * the request's signature as it does so. This constructor would
110 * typically be used by a Certificate Authority, from which a new
111 * certificate would then be constructed.
112 *
113 * @param data the DER-encoded PKCS #10 request.
114 * @exception IOException for low level errors reading the data
115 * @exception SignatureException when the signature is invalid
116 * @exception NoSuchAlgorithmException when the signature
117 * algorithm is not supported in this environment
118 */
119 public PKCS10(byte[] data)
120 throws IOException, SignatureException, NoSuchAlgorithmException {
121 DerInputStream in;
122 DerValue[] seq;
123 AlgorithmId id;
124 byte[] sigData;
125 Signature sig;
126
127 encoded = data;
128
129 //
130 // Outer sequence: request, signature algorithm, signature.
131 // Parse, and prepare to verify later.
132 //
133 in = new DerInputStream(data);
134 seq = in.getSequence(3);
135
136 if (seq.length != 3)
137 throw new IllegalArgumentException("not a PKCS #10 request");
138
139 data = seq[0].toByteArray(); // reusing this variable
140 id = AlgorithmId.parse(seq[1]);
141 sigData = seq[2].getBitString();
142
143 //
144 // Inner sequence: version, name, key, attributes
145 //
146 BigInteger serial;
147 DerValue val;
148
149 serial = seq[0].data.getBigInteger();
150 if (!serial.equals(BigInteger.ZERO))
151 throw new IllegalArgumentException("not PKCS #10 v1");
152
153 subject = new X500Name(seq[0].data);
154 subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
155
156 // Cope with a somewhat common illegal PKCS #10 format
157 if (seq[0].data.available() != 0)
158 attributeSet = new PKCS10Attributes(seq[0].data);
159 else
160 attributeSet = new PKCS10Attributes();
161
162 if (seq[0].data.available() != 0)
163 throw new IllegalArgumentException("illegal PKCS #10 data");
164
165 //
166 // OK, we parsed it all ... validate the signature using the
167 // key and signature algorithm we found.
168 //
169 try {
170 sigAlg = id.getName();
171 sig = Signature.getInstance(sigAlg);
172 sig.initVerify(subjectPublicKeyInfo);
173 sig.update(data);
174 if (!sig.verify(sigData))
175 throw new SignatureException("Invalid PKCS #10 signature");
176 } catch (InvalidKeyException e) {
177 throw new SignatureException("invalid key");
178 }
179 }
180
181 /**
182 * Create the signed certificate request. This will later be
183 * retrieved in either string or binary format.
184 *
185 * @param subject identifies the signer (by X.500 name).
186 * @param signature private key and signing algorithm to use.
187 * @exception IOException on errors.
188 * @exception CertificateException on certificate handling errors.
189 * @exception SignatureException on signature handling errors.
190 */
191 public void encodeAndSign(X500Name subject, Signature signature)
192 throws CertificateException, IOException, SignatureException {
193 DerOutputStream out, scratch;
194 byte[] certificateRequestInfo;
195 byte[] sig;
196
197 if (encoded != null)
198 throw new SignatureException("request is already signed");
199
200 this.subject = subject;
201
202 /*
203 * Encode cert request info, wrap in a sequence for signing
204 */
205 scratch = new DerOutputStream();
206 scratch.putInteger(BigInteger.ZERO); // PKCS #10 v1.0
207 subject.encode(scratch); // X.500 name
208 scratch.write(subjectPublicKeyInfo.getEncoded()); // public key
209 attributeSet.encode(scratch);
210
211 out = new DerOutputStream();
212 out.write(DerValue.tag_Sequence, scratch); // wrap it!
213 certificateRequestInfo = out.toByteArray();
214 scratch = out;
215
216 /*
217 * Sign it ...
218 */
219 signature.update(certificateRequestInfo, 0,
220 certificateRequestInfo.length);
221 sig = signature.sign();
222 sigAlg = signature.getAlgorithm();
223
224 /*
225 * Build guts of SIGNED macro
226 */
227 AlgorithmId algId = null;
228 try {
229 algId = AlgorithmId.get(signature.getAlgorithm());
230 } catch (NoSuchAlgorithmException nsae) {
231 throw new SignatureException(nsae);
232 }
233 algId.encode(scratch); // sig algorithm
234 scratch.putBitString(sig); // sig
235
236 /*
237 * Wrap those guts in a sequence
238 */
239 out = new DerOutputStream();
240 out.write(DerValue.tag_Sequence, scratch);
241 encoded = out.toByteArray();
242 }
243
244 /**
245 * Returns the subject's name.
246 */
247 public X500Name getSubjectName() { return subject; }
248
249 /**
250 * Returns the subject's public key.
251 */
252 public PublicKey getSubjectPublicKeyInfo()
253 { return subjectPublicKeyInfo; }
254
255 /**
256 * Returns the signature algorithm.
257 */
258 public String getSigAlg() { return sigAlg; }
259
260 /**
261 * Returns the additional attributes requested.
262 */
263 public PKCS10Attributes getAttributes()
264 { return attributeSet; }
265
266 /**
267 * Returns the encoded and signed certificate request as a
268 * DER-encoded byte array.
269 *
270 * @return the certificate request, or null if encodeAndSign()
271 * has not yet been called.
272 */
273 public byte[] getEncoded() {
274 if (encoded != null)
275 return encoded.clone();
276 else
277 return null;
278 }
279
280 /**
281 * Prints an E-Mailable version of the certificate request on the print
282 * stream passed. The format is a common base64 encoded one, supported
283 * by most Certificate Authorities because Netscape web servers have
284 * used this for some time. Some certificate authorities expect some
285 * more information, in particular contact information for the web
286 * server administrator.
287 *
288 * @param out the print stream where the certificate request
289 * will be printed.
290 * @exception IOException when an output operation failed
291 * @exception SignatureException when the certificate request was
292 * not yet signed.
293 */
294 public void print(PrintStream out)
295 throws IOException, SignatureException {
296 if (encoded == null)
297 throw new SignatureException("Cert request was not signed");
298
299
300 byte[] CRLF = new byte[] {'\r', '\n'};
301 out.println("-----BEGIN NEW CERTIFICATE REQUEST-----");
302 out.println(Base64.getMimeEncoder(64, CRLF).encodeToString(encoded));
303 out.println("-----END NEW CERTIFICATE REQUEST-----");
304 }
305
306 /**
307 * Provides a short description of this request.
308 */
309 public String toString() {
310 return "[PKCS #10 certificate request:\n"
311 + subjectPublicKeyInfo.toString()
312 + " subject: <" + subject + ">" + "\n"
313 + " attributes: " + attributeSet.toString()
314 + "\n]";
315 }
316
317 /**
318 * Compares this object for equality with the specified
319 * object. If the <code>other</code> object is an
320 * <code>instanceof</code> <code>PKCS10</code>, then
321 * its encoded form is retrieved and compared with the
322 * encoded form of this certificate request.
323 *
324 * @param other the object to test for equality with this object.
325 * @return true iff the encoded forms of the two certificate
326 * requests match, false otherwise.
327 */
328 public boolean equals(Object other) {
329 if (this == other)
330 return true;
331 if (!(other instanceof PKCS10))
332 return false;
333 if (encoded == null) // not signed yet
334 return false;
335 byte[] otherEncoded = ((PKCS10)other).getEncoded();
336 if (otherEncoded == null)
337 return false;
338
339 return java.util.Arrays.equals(encoded, otherEncoded);
340 }
341
342 /**
343 * Returns a hashcode value for this certificate request from its
344 * encoded form.
345 *
346 * @return the hashcode value.
347 */
348 public int hashCode() {
349 int retval = 0;
350 if (encoded != null)
351 for (int i = 1; i < encoded.length; i++)
352 retval += encoded[i] * i;
353 return(retval);
354 }
355
356 private X500Name subject;
357 private PublicKey subjectPublicKeyInfo;
358 private String sigAlg;
359 private PKCS10Attributes attributeSet;
360 private byte[] encoded; // signed
361 }