Red Hat Application Migration Toolkit
package iaik.x509.ocsp;
import iaik.asn1.ASN;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.BIT_STRING;
import iaik.asn1.CON_SPEC;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.ChoiceOfTime;
import iaik.asn1.structures.GeneralName;
import iaik.utils.Util;
import iaik.x509.V3Extension;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionException;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.ocsp.CertID;
import iaik.x509.ocsp.CertificateResponse;
import iaik.x509.ocsp.OCSPException;
import iaik.x509.ocsp.OCSPExtensions;
import iaik.x509.ocsp.ReqCert;
import iaik.x509.ocsp.ResponderID;
import iaik.x509.ocsp.Response;
import iaik.x509.ocsp.SingleResponse;
import iaik.x509.ocsp.extensions.Nonce;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Date;
import java.util.Enumeration;
public class BasicOCSPResponse extends Response {
// $FF: synthetic field
static Class j;
// $FF: synthetic field
static Class k;
private boolean h;
private byte[] b;
private X509Certificate[] l;
private AlgorithmID c;
private OCSPExtensions i;
private SingleResponse[] d;
private ChoiceOfTime g;
private ResponderID f;
private int a;
private ASN1 e;
public static final ObjectID responseType = new ObjectID("1.3.6.1.5.5.7.48.1.1", "id-pkix-ocsp-basic");
static Class a(String var0) {
try {
return Class.forName(var0);
} catch (ClassNotFoundException var2) {
throw new NoClassDefFoundError(var2.getMessage());
}
}
public void writeTo(OutputStream var1) throws IOException {
this.c();
this.e.writeTo(var1);
}
public void verify(PublicKey var1, String var2) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
this.c();
Signature var3 = this.c.getSignatureInstance(var2);
try {
byte[] var4 = this.e.getFirstObject();
var3.initVerify(var1);
var3.update(var4);
} catch (CodingException var5) {
throw new SignatureException(var5.toString());
}
if(!var3.verify(this.b)) {
throw new SignatureException("Signature verification error!");
}
}
public void verify(PublicKey var1) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
this.verify(var1, (String)null);
}
public X509Certificate verify() throws OCSPException, SignatureException, InvalidKeyException, NoSuchAlgorithmException {
X509Certificate[] var1 = null;
if(this.l != null && this.l.length > 0) {
var1 = Util.arrangeCertificateChain(this.l, false);
if(var1 != null && var1.length > 0) {
this.verify(var1[0].getPublicKey());
return var1[0];
} else {
throw new OCSPException("Cannot verify request. Cannot build chain from included certs.");
}
} else {
throw new OCSPException("Cannot verify request. No certificates included.");
}
}
public String toString(boolean var1) {
StringBuffer var2 = new StringBuffer();
var2.append("Version: " + this.a + "\n");
var2.append("ResponderID: " + this.f + "\n");
var2.append("ProducedAt: " + this.g + "\n");
if(var1) {
for(int var3 = 0; var3 < this.d.length; ++var3) {
var2.append("singleResponse " + var3 + ": {\n");
var2.append(this.d[var3].toString(true) + "}");
}
} else {
var2.append("singleResponses: " + this.d.length);
}
var2.append("\n");
if(this.i != null) {
if(var1) {
var2.append(this.i);
} else {
var2.append("Extensions: " + this.i.countExtensions());
var2.append("\n");
}
}
var2.append("Signature algorithm: " + this.c + "\n");
if(this.l != null) {
var2.append("certificates: " + this.l.length + "\n");
}
return var2.toString();
}
public String toString() {
return this.toString(false);
}
public ASN1Object toASN1Object() {
this.c();
return this.e.toASN1Object();
}
public void sign(AlgorithmID var1, PrivateKey var2, String var3) throws NoSuchAlgorithmException, InvalidKeyException, OCSPException {
if(var1 == null) {
throw new OCSPException("Cannot sign response! No signature algorithm specified!");
} else {
this.c = var1;
Signature var4 = this.c.getSignatureInstance(var3);
ASN1Object var5 = this.a();
var4.initSign(var2);
try {
var4.update(DerCoder.encode(var5));
this.b = var4.sign();
BIT_STRING var6 = new BIT_STRING(this.b);
SEQUENCE var7 = new SEQUENCE();
var7.addComponent(var5);
var7.addComponent(this.c.toASN1Object());
var7.addComponent(var6);
if(this.l != null && this.l.length > 0) {
var7.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.l)));
}
this.e = new ASN1(var7);
} catch (CodingException var8) {
throw new OCSPException(var8.toString());
} catch (SignatureException var9) {
throw new OCSPException(var9.toString());
}
this.e();
}
}
public void sign(AlgorithmID var1, PrivateKey var2) throws NoSuchAlgorithmException, InvalidKeyException, OCSPException {
this.sign(var1, var2, (String)null);
}
public void setSingleResponses(SingleResponse[] var1) {
this.d = var1;
this.d();
if(this.d != null) {
for(int var2 = 0; var2 < this.d.length; ++var2) {
if(this.d[var2].getReqCert().getType() != 0) {
this.a = 2;
return;
}
}
}
}
private void e() {
this.h = false;
}
public void setSignature(AlgorithmID var1, byte[] var2) throws OCSPException {
if(var1 == null) {
throw new OCSPException("Cannot set signature! No signature algorithm specified!");
} else if(var2 != null && var2.length != 0) {
this.c = var1;
this.b = var2;
ASN1Object var3 = this.a();
try {
BIT_STRING var4 = new BIT_STRING(this.b);
SEQUENCE var5 = new SEQUENCE();
var5.addComponent(var3);
var5.addComponent(this.c.toASN1Object());
var5.addComponent(var4);
if(this.l != null && this.l.length > 0) {
var5.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.l)));
}
this.e = new ASN1(var5);
} catch (CodingException var6) {
throw new OCSPException(var6.toString());
}
this.e();
} else {
throw new OCSPException("Cannot set empty signature value!");
}
}
public void setResponderID(ResponderID var1) {
this.f = var1;
this.d();
}
public void setProducedAt(Date var1) {
this.g = new ChoiceOfTime(var1);
this.g.setEncodingType(ASN.GeneralizedTime);
this.d();
}
public void setNonce(byte[] var1) throws X509ExtensionException {
this.addExtension(new Nonce(var1));
}
private void d() {
this.h = true;
}
public void setCertificates(X509Certificate[] var1) {
this.l = var1;
this.d();
}
public boolean removeExtension(ObjectID var1) {
boolean var2 = false;
var2 = this.i == null?false:this.i.removeExtension(var1);
if(var2) {
this.d();
}
return var2;
}
public void removeAllExtensions() {
if(this.i != null) {
this.i.removeAllExtensions();
this.d();
}
this.i = null;
}
public Enumeration listExtensions() {
return this.i == null?null:this.i.listExtensions();
}
private void b() throws X509ExtensionException, CodingException {
int var1 = 0;
ASN1Object var3 = this.e.getComponentAt(0);
this.c = new AlgorithmID(this.e.getComponentAt(1));
ASN1Object var4 = this.e.getComponentAt(2);
this.b = (byte[])((BIT_STRING)var4).getValue();
if(this.e.countComponents() == 4) {
this.l = (X509Certificate[])ASN.parseSequenceOf((ASN1Object)this.e.getComponentAt(3).getValue(), k != null?k:(k = a("iaik.x509.X509Certificate")));
}
ASN1Object var2 = var3.getComponentAt(0);
if(var2.isA(ASN.CON_SPEC) && var2.getAsnType().getTag() == 0) {
BigInteger var5 = (BigInteger)((ASN1Object)var2.getValue()).getValue();
this.a = var5.intValue() + 1;
++var1;
}
this.f = new ResponderID(var3.getComponentAt(var1));
this.g = new ChoiceOfTime(var3.getComponentAt(1 + var1));
var2 = var3.getComponentAt(2 + var1);
this.d = (SingleResponse[])ASN.parseSequenceOf(var2, j != null?j:(j = a("iaik.x509.ocsp.SingleResponse")));
int var6 = 3 + var1;
if(var6 < var3.countComponents()) {
var2 = var3.getComponentAt(var6);
this.i = new OCSPExtensions((ASN1Object)var2.getValue());
}
this.e.clearASN1Object();
this.e();
}
public boolean hasUnsupportedCriticalExtension() {
return this.i == null?false:this.i.hasUnsupportedCriticalExtension();
}
public boolean hasExtensions() {
return this.i == null?false:this.i.hasExtensions();
}
public int getVersion() {
return this.a;
}
public byte[] getTBSResponseData() throws CodingException {
try {
return this.e != null && this.e.toByteArray() != null?this.e.getFirstObject():DerCoder.encode(this.a());
} catch (OCSPException var2) {
throw new CodingException(var2.toString());
}
}
public SingleResponse[] getSingleResponses() {
return this.d;
}
public SingleResponse getSingleResponse(ReqCert var1) throws OCSPException {
return (SingleResponse)this.getCertificateResponse(var1);
}
public SingleResponse getSingleResponse(X509Certificate var1, X509Certificate var2, GeneralName var3) throws OCSPException {
return (SingleResponse)this.getCertificateResponse(var1, var2, var3);
}
public AlgorithmID getSignatureAlgorithm() {
return this.c;
}
public byte[] getSignature() {
return this.b;
}
public ObjectID getResponseType() {
return responseType;
}
public ResponderID getResponderID() {
return this.f;
}
public Date getProducedAt() {
return this.g == null?null:this.g.getDate();
}
public byte[] getNonce() throws X509ExtensionInitException {
Nonce var1 = (Nonce)this.getExtension(Nonce.oid);
return var1 == null?null:var1.getValue();
}
public V3Extension getExtension(ObjectID var1) throws X509ExtensionInitException {
return this.i == null?null:this.i.getExtension(var1);
}
public byte[] getEncoded() {
this.c();
return this.e.toByteArray();
}
public X509Certificate[] getCertificates() {
return this.l;
}
public CertificateResponse getCertificateResponse(ReqCert var1) throws OCSPException {
if(this.d != null) {
boolean var2 = false;
boolean var3 = false;
int var4 = 0;
while(true) {
if(var4 >= this.d.length) {
if(var2 || var3) {
String var8 = "No response found, but some responses have ";
String var9 = var3?"certIDs with different hash algorithms":"";
var8 = var8 + (var2?"different ReqCert types " + (var3?"or " + var9:""):(var3?var9:""));
throw new OCSPException(var8);
}
break;
}
SingleResponse var5 = this.d[var4];
if(var5.isResponseFor(var1)) {
return var5;
}
if(var1.getType() != var5.getReqCert().getType()) {
var2 = true;
} else if(!var3 && var1.getType() == 0) {
CertID var6 = (CertID)var1.getReqCert();
CertID var7 = (CertID)var5.getReqCert().getReqCert();
if(!var6.getHashAlgorithm().equals(var7.getHashAlgorithm())) {
var3 = true;
}
}
++var4;
}
}
return null;
}
public CertificateResponse getCertificateResponse(X509Certificate var1, X509Certificate var2, GeneralName var3) throws OCSPException {
if(this.d != null) {
OCSPException var4 = null;
for(int var5 = 0; var5 < this.d.length; ++var5) {
SingleResponse var6 = this.d[var5];
try {
if(var6.isResponseFor(var1, var2, var3)) {
return var6;
}
} catch (OCSPException var8) {
if(var4 == null) {
var4 = var8;
}
}
}
if(var4 != null) {
throw new OCSPException("Cannot check single responses. " + var4.getMessage());
}
}
return null;
}
public void decode(byte[] var1) throws CodingException {
try {
this.e = new ASN1(var1);
this.b();
} catch (X509ExtensionException var3) {
throw new CodingException(var3.toString());
}
}
public void decode(InputStream var1) throws IOException {
try {
this.e = new ASN1(var1);
this.b();
} catch (X509ExtensionException var3) {
throw new IOException(var3.toString());
} catch (CodingException var4) {
throw new IOException(var4.toString());
}
}
public void decode(ASN1Object var1) throws CodingException {
this.e = new ASN1(var1);
try {
this.b();
} catch (Exception var3) {
throw new CodingException(var3.toString());
}
}
private ASN1Object a() throws OCSPException {
if(this.f == null) {
throw new OCSPException("Responder ID not set!");
} else if(this.g == null) {
throw new OCSPException("ProducedAt date not set!");
} else if(this.d != null && this.d.length != 0) {
try {
SEQUENCE var1 = new SEQUENCE();
if(this.a > 1) {
var1.addComponent(new CON_SPEC(0, new INTEGER(this.a - 1)));
}
var1.addComponent(this.f.toASN1Object());
var1.addComponent(this.g.toASN1Object());
var1.addComponent(ASN.createSequenceOf(this.d));
if(this.i != null) {
var1.addComponent(new CON_SPEC(1, this.i.toASN1Object()));
}
return var1;
} catch (Exception var2) {
throw new OCSPException(var2.toString());
}
} else {
throw new OCSPException("No single responses set!");
}
}
public int countSingleResponses() {
return this.d.length;
}
public int countExtensions() {
return this.i == null?0:this.i.countExtensions();
}
public boolean containsCertificates() {
return this.l != null && this.l.length > 0;
}
private void c() {
if(this.h) {
throw new RuntimeException("Cannot perform operation, certificate has to be signed first");
}
}
public void addExtension(V3Extension var1) throws X509ExtensionException {
if(this.i == null) {
this.i = new OCSPExtensions();
}
this.i.addExtension(var1);
this.d();
}
public BasicOCSPResponse(byte[] var1) throws CodingException {
this.decode(var1);
}
public BasicOCSPResponse(InputStream var1) throws CodingException, IOException {
this.decode(var1);
}
public BasicOCSPResponse() {
this.a = 1;
this.e = new ASN1();
this.d();
}
}