Red Hat Application Migration Toolkit
package iaik.x509.ocsp;
import iaik.asn1.ASN;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.BIT_STRING;
import iaik.asn1.CON_SPEC;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.GeneralName;
import iaik.utils.Util;
import iaik.x509.V3Extension;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionException;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.ocsp.OCSPException;
import iaik.x509.ocsp.OCSPExtensions;
import iaik.x509.ocsp.Request;
import iaik.x509.ocsp.extensions.AcceptableResponses;
import iaik.x509.ocsp.extensions.Nonce;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Enumeration;
public class OCSPRequest {
// $FF: synthetic field
static Class k;
// $FF: synthetic field
static Class j;
private boolean h;
private X509Certificate[] l;
private byte[] c;
private AlgorithmID d;
private OCSPExtensions i;
private Request[] f;
private GeneralName e;
private int a;
private ASN1 g;
static Class a(String var0) {
try {
return Class.forName(var0);
} catch (ClassNotFoundException var2) {
throw new NoClassDefFoundError(var2.getMessage());
}
}
public void writeTo(OutputStream var1) throws IOException {
if(this.h && this.c != null) {
throw new RuntimeException("Cannot encode this response. First it has to be signed.");
} else {
try {
var1.write(this.getEncoded());
} catch (CodingException var3) {
throw new IOException(var3.getMessage());
}
}
}
public void verify(PublicKey var1, String var2) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
if(this.h) {
throw new RuntimeException("Cannot verify this request. First it has to be signed.");
} else if(this.d == null) {
throw new NoSuchAlgorithmException("Cannot verify request! No signature algorithm set.");
} else {
Signature var4 = this.d.getSignatureInstance(var2);
byte[] var3;
try {
var3 = this.g.getFirstObject();
} catch (CodingException var6) {
throw new SignatureException(var6.toString());
}
var4.initVerify(var1);
var4.update(var3);
if(!var4.verify(this.c)) {
throw new SignatureException("Signature verification error!");
}
}
}
public void verify(PublicKey var1) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
this.verify(var1, (String)null);
}
public X509Certificate verify() throws OCSPException, SignatureException, InvalidKeyException, NoSuchAlgorithmException {
X509Certificate[] var1 = null;
if(this.l != null && this.l.length > 0) {
var1 = Util.arrangeCertificateChain(this.l, false);
if(var1 != null && var1.length > 0) {
this.verify(var1[0].getPublicKey());
return var1[0];
} else {
throw new OCSPException("Cannot verify request. Cannot build chain from included certs.");
}
} else {
throw new OCSPException("Cannot verify request. No certificates included.");
}
}
public String toString(boolean var1) {
StringBuffer var2 = new StringBuffer();
var2.append("Version: " + this.a + "\n");
if(this.e != null) {
var2.append("requestorName: " + this.e + "\n");
}
if(var1) {
for(int var3 = 0; var3 < this.f.length; ++var3) {
var2.append("request " + var3 + ": {\n");
var2.append(this.f[var3].toString(true) + "}");
}
} else {
var2.append("requests: " + this.f.length);
}
if(this.i != null) {
var2.append("\n");
if(var1) {
var2.append(this.i);
var2.setLength(var2.length() - 1);
} else {
var2.append("Extensions: " + this.i.countExtensions());
}
}
if(this.d != null) {
var2.append("\nSignature algorithm: " + this.d);
}
if(this.l != null) {
var2.append("\ncertificates: " + this.l.length);
}
return var2.toString();
}
public String toString() {
return this.toString(false);
}
public ASN1Object toASN1Object() throws CodingException {
if(this.h && this.c != null) {
throw new RuntimeException("Cannot give an ASN.1 representation of this request. First it has to be resigned.");
} else {
if(this.c == null && this.g.toASN1Object() == null) {
try {
this.b();
} catch (OCSPException var2) {
throw new CodingException(var2.getMessage());
}
}
return this.g.toASN1Object();
}
}
public void sign(AlgorithmID var1, PrivateKey var2, String var3) throws NoSuchAlgorithmException, InvalidKeyException, OCSPException {
if(var1 == null) {
throw new OCSPException("Cannot sign request! No signature algorithm specified!");
} else {
this.d = var1;
Signature var4 = this.d.getSignatureInstance(var3);
ASN1Object var5 = this.a();
var4.initSign(var2);
try {
var4.update(DerCoder.encode(var5));
this.c = var4.sign();
BIT_STRING var6 = new BIT_STRING(this.c);
SEQUENCE var7 = new SEQUENCE();
SEQUENCE var8 = new SEQUENCE();
var8.addComponent(this.d.toASN1Object());
var8.addComponent(var6);
if(this.l != null && this.l.length > 0) {
var8.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.l)));
}
var7.addComponent(var5);
var7.addComponent(new CON_SPEC(0, var8));
this.g = new ASN1(var7);
} catch (CodingException var9) {
throw new OCSPException(var9.getMessage());
} catch (SignatureException var10) {
throw new OCSPException(var10.getMessage());
}
this.h = false;
}
}
public void sign(AlgorithmID var1, PrivateKey var2) throws NoSuchAlgorithmException, InvalidKeyException, OCSPException {
this.sign(var1, var2, (String)null);
}
public void setSignature(AlgorithmID var1, byte[] var2) throws OCSPException {
if(var1 == null) {
throw new OCSPException("Cannot sign request! No signature algorithm specified!");
} else if(var2 != null && var2.length != 0) {
this.d = var1;
this.c = var2;
ASN1Object var3 = this.a();
try {
BIT_STRING var4 = new BIT_STRING(this.c);
SEQUENCE var5 = new SEQUENCE();
SEQUENCE var6 = new SEQUENCE();
var6.addComponent(this.d.toASN1Object());
var6.addComponent(var4);
if(this.l != null && this.l.length > 0) {
var6.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.l)));
}
var5.addComponent(var3);
var5.addComponent(new CON_SPEC(0, var6));
this.g = new ASN1(var5);
} catch (CodingException var7) {
throw new OCSPException(var7.getMessage());
}
this.h = false;
} else {
throw new OCSPException("Cannot set empty signature value!");
}
}
public void setRequestorName(GeneralName var1) {
this.e = var1;
this.h = true;
}
public void setRequestList(Request[] var1) {
this.f = var1;
this.h = true;
if(var1 != null) {
for(int var2 = 0; var2 < var1.length; ++var2) {
if(var1[var2].getReqCert().getType() != 0) {
this.a = 2;
return;
}
}
}
}
public void setNonce(byte[] var1) throws X509ExtensionException {
this.addExtension(new Nonce(var1));
}
public void setCertificates(X509Certificate[] var1) {
this.l = var1;
this.h = true;
}
public void setAcceptableResponseTypes(ObjectID[] var1) throws X509ExtensionException {
this.addExtension(new AcceptableResponses(var1));
}
public boolean removeExtension(ObjectID var1) {
boolean var2 = false;
var2 = this.i == null?false:this.i.removeExtension(var1);
if(var2) {
this.h = true;
}
return var2;
}
public void removeAllExtensions() {
if(this.i != null) {
this.i.removeAllExtensions();
this.h = true;
}
this.i = null;
}
public Enumeration listExtensions() {
return this.i == null?null:this.i.listExtensions();
}
private void c() throws X509ExtensionException, CodingException {
int var1 = 0;
ASN1Object var3 = this.g.getComponentAt(0);
ASN1Object var2 = var3.getComponentAt(0);
if(var2.isA(ASN.CON_SPEC) && var2.getAsnType().getTag() == 0) {
BigInteger var4 = (BigInteger)((ASN1Object)var2.getValue()).getValue();
this.a = var4.intValue() + 1;
++var1;
}
var2 = var3.getComponentAt(var1);
if(var2.isA(ASN.CON_SPEC) && var2.getAsnType().getTag() == 1) {
this.e = new GeneralName((ASN1Object)var2.getValue());
++var1;
}
var2 = var3.getComponentAt(var1);
this.f = (Request[])ASN.parseSequenceOf(var2, j != null?j:(j = a("iaik.x509.ocsp.Request")));
int var7 = 1 + var1;
if(var7 < var3.countComponents()) {
var2 = var3.getComponentAt(var7);
this.i = new OCSPExtensions((ASN1Object)var2.getValue());
}
if(this.g.countComponents() == 2) {
ASN1Object var5 = (ASN1Object)this.g.getComponentAt(1).getValue();
this.d = new AlgorithmID(var5.getComponentAt(0));
if(this.d == null) {
throw new CodingException("Request is signed, but signature algorithm is missing!");
}
BIT_STRING var6 = (BIT_STRING)var5.getComponentAt(1);
this.c = (byte[])var6.getValue();
if(this.c == null) {
throw new CodingException("Request is signed, but signature value is missing!");
}
if(var5.countComponents() == 3) {
this.l = (X509Certificate[])ASN.parseSequenceOf((ASN1Object)var5.getComponentAt(2).getValue(), k != null?k:(k = a("iaik.x509.X509Certificate")));
}
this.h = false;
}
this.g.clearASN1Object();
}
public boolean hasUnsupportedCriticalExtension() {
return this.i == null?false:this.i.hasUnsupportedCriticalExtension();
}
public boolean hasExtensions() {
return this.i == null?false:this.i.hasExtensions();
}
public int getVersion() {
return this.a;
}
public byte[] getTBSRequest() throws CodingException {
try {
return this.g != null && this.g.toByteArray() != null?this.g.getFirstObject():DerCoder.encode(this.a());
} catch (OCSPException var2) {
throw new CodingException(var2.toString());
}
}
public AlgorithmID getSignatureAlgorithm() {
return this.d;
}
public byte[] getSignature() {
return this.c;
}
public GeneralName getRequestorName() {
return this.e;
}
public Request[] getRequestList() {
return this.f;
}
public byte[] getNonce() throws X509ExtensionInitException {
Nonce var1 = (Nonce)this.getExtension(Nonce.oid);
return var1 == null?null:var1.getValue();
}
public V3Extension getExtension(ObjectID var1) throws X509ExtensionInitException {
return this.i == null?null:this.i.getExtension(var1);
}
public byte[] getEncoded() throws CodingException {
if(this.h && this.c != null) {
throw new RuntimeException("Cannot encode this request. First it has to be resigned.");
} else {
if(this.c == null && this.g.toByteArray() == null) {
try {
this.b();
} catch (OCSPException var2) {
throw new CodingException(var2.getMessage());
}
}
return this.g.toByteArray();
}
}
public X509Certificate[] getCertifcates() {
return this.l;
}
public ObjectID[] getAccepatableResponseTypes() throws X509ExtensionInitException {
AcceptableResponses var1 = (AcceptableResponses)this.getExtension(AcceptableResponses.oid);
return var1 == null?null:var1.getAcceptableResponseTypes();
}
public void decode(byte[] var1) throws CodingException {
try {
this.g = new ASN1(var1);
this.c();
} catch (X509ExtensionException var3) {
throw new CodingException(var3.getMessage());
}
}
public void decode(InputStream var1) throws IOException {
try {
this.g = new ASN1(var1);
this.c();
} catch (X509ExtensionException var3) {
throw new IOException(var3.getMessage());
} catch (CodingException var4) {
throw new IOException(var4.getMessage());
}
}
public void decode(ASN1Object var1) throws CodingException {
this.g = new ASN1(var1);
try {
this.c();
} catch (Exception var3) {
throw new CodingException(var3.toString());
}
}
private void b() throws OCSPException {
try {
this.a();
SEQUENCE var1 = new SEQUENCE();
var1.addComponent(this.a());
this.g = new ASN1(var1);
} catch (CodingException var2) {
throw new OCSPException(var2.getMessage());
}
}
private ASN1Object a() throws OCSPException {
if(this.f != null && this.f.length != 0) {
try {
SEQUENCE var1 = new SEQUENCE();
if(this.a > 1) {
var1.addComponent(new CON_SPEC(0, new INTEGER(this.a - 1)));
}
if(this.e != null) {
var1.addComponent(new CON_SPEC(1, this.e.toASN1Object()));
}
var1.addComponent(ASN.createSequenceOf(this.f));
if(this.i != null) {
var1.addComponent(new CON_SPEC(2, this.i.toASN1Object()));
}
return var1;
} catch (Exception var2) {
throw new OCSPException(var2.getMessage());
}
} else {
throw new OCSPException("No single requests set!");
}
}
public int countRequests() {
return this.f.length;
}
public int countExtensions() {
return this.i == null?0:this.i.countExtensions();
}
public boolean containsSignature() {
return this.c != null;
}
public boolean containsCertificates() {
return this.l != null && this.l.length > 0;
}
public void addExtension(V3Extension var1) throws X509ExtensionException {
if(this.i == null) {
this.i = new OCSPExtensions();
}
this.i.addExtension(var1);
this.h = true;
}
public OCSPRequest(byte[] var1) throws CodingException {
this();
this.decode(var1);
}
public OCSPRequest(InputStream var1) throws IOException {
this();
this.decode(var1);
}
public OCSPRequest() {
this.a = 1;
this.h = true;
this.g = new ASN1();
}
static {
Util.toString((byte[])null, -1, 1);
}
}