Red Hat Application Migration Toolkit
package iaik.x509.ocsp; import iaik.asn1.ASN; import iaik.asn1.ASN1; import iaik.asn1.ASN1Object; import iaik.asn1.BIT_STRING; import iaik.asn1.CON_SPEC; import iaik.asn1.CodingException; import iaik.asn1.DerCoder; import iaik.asn1.INTEGER; import iaik.asn1.ObjectID; import iaik.asn1.SEQUENCE; import iaik.asn1.structures.AlgorithmID; import iaik.asn1.structures.ChoiceOfTime; import iaik.asn1.structures.GeneralName; import iaik.utils.Util; import iaik.x509.V3Extension; import iaik.x509.X509Certificate; import iaik.x509.X509ExtensionException; import iaik.x509.X509ExtensionInitException; import iaik.x509.ocsp.CertID; import iaik.x509.ocsp.CertificateResponse; import iaik.x509.ocsp.OCSPException; import iaik.x509.ocsp.OCSPExtensions; import iaik.x509.ocsp.ReqCert; import iaik.x509.ocsp.ResponderID; import iaik.x509.ocsp.Response; import iaik.x509.ocsp.SingleResponse; import iaik.x509.ocsp.extensions.Nonce; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.math.BigInteger; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.util.Date; import java.util.Enumeration; public class BasicOCSPResponse extends Response { // $FF: synthetic field static Class j; // $FF: synthetic field static Class k; private boolean h; private byte[] b; private X509Certificate[] l; private AlgorithmID c; private OCSPExtensions i; private SingleResponse[] d; private ChoiceOfTime g; private ResponderID f; private int a; private ASN1 e; public static final ObjectID responseType = new ObjectID("1.3.6.1.5.5.7.48.1.1", "id-pkix-ocsp-basic"); static Class a(String var0) { try { return Class.forName(var0); } catch (ClassNotFoundException var2) { throw new NoClassDefFoundError(var2.getMessage()); } } public void writeTo(OutputStream var1) throws IOException { this.c(); this.e.writeTo(var1); } public void verify(PublicKey var1, String var2) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException { this.c(); Signature var3 = this.c.getSignatureInstance(var2); try { byte[] var4 = this.e.getFirstObject(); var3.initVerify(var1); var3.update(var4); } catch (CodingException var5) { throw new SignatureException(var5.toString()); } if(!var3.verify(this.b)) { throw new SignatureException("Signature verification error!"); } } public void verify(PublicKey var1) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException { this.verify(var1, (String)null); } public X509Certificate verify() throws OCSPException, SignatureException, InvalidKeyException, NoSuchAlgorithmException { X509Certificate[] var1 = null; if(this.l != null && this.l.length > 0) { var1 = Util.arrangeCertificateChain(this.l, false); if(var1 != null && var1.length > 0) { this.verify(var1[0].getPublicKey()); return var1[0]; } else { throw new OCSPException("Cannot verify request. Cannot build chain from included certs."); } } else { throw new OCSPException("Cannot verify request. No certificates included."); } } public String toString(boolean var1) { StringBuffer var2 = new StringBuffer(); var2.append("Version: " + this.a + "\n"); var2.append("ResponderID: " + this.f + "\n"); var2.append("ProducedAt: " + this.g + "\n"); if(var1) { for(int var3 = 0; var3 < this.d.length; ++var3) { var2.append("singleResponse " + var3 + ": {\n"); var2.append(this.d[var3].toString(true) + "}"); } } else { var2.append("singleResponses: " + this.d.length); } var2.append("\n"); if(this.i != null) { if(var1) { var2.append(this.i); } else { var2.append("Extensions: " + this.i.countExtensions()); var2.append("\n"); } } var2.append("Signature algorithm: " + this.c + "\n"); if(this.l != null) { var2.append("certificates: " + this.l.length + "\n"); } return var2.toString(); } public String toString() { return this.toString(false); } public ASN1Object toASN1Object() { this.c(); return this.e.toASN1Object(); } public void sign(AlgorithmID var1, PrivateKey var2, String var3) throws NoSuchAlgorithmException, InvalidKeyException, OCSPException { if(var1 == null) { throw new OCSPException("Cannot sign response! No signature algorithm specified!"); } else { this.c = var1; Signature var4 = this.c.getSignatureInstance(var3); ASN1Object var5 = this.a(); var4.initSign(var2); try { var4.update(DerCoder.encode(var5)); this.b = var4.sign(); BIT_STRING var6 = new BIT_STRING(this.b); SEQUENCE var7 = new SEQUENCE(); var7.addComponent(var5); var7.addComponent(this.c.toASN1Object()); var7.addComponent(var6); if(this.l != null && this.l.length > 0) { var7.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.l))); } this.e = new ASN1(var7); } catch (CodingException var8) { throw new OCSPException(var8.toString()); } catch (SignatureException var9) { throw new OCSPException(var9.toString()); } this.e(); } } public void sign(AlgorithmID var1, PrivateKey var2) throws NoSuchAlgorithmException, InvalidKeyException, OCSPException { this.sign(var1, var2, (String)null); } public void setSingleResponses(SingleResponse[] var1) { this.d = var1; this.d(); if(this.d != null) { for(int var2 = 0; var2 < this.d.length; ++var2) { if(this.d[var2].getReqCert().getType() != 0) { this.a = 2; return; } } } } private void e() { this.h = false; } public void setSignature(AlgorithmID var1, byte[] var2) throws OCSPException { if(var1 == null) { throw new OCSPException("Cannot set signature! No signature algorithm specified!"); } else if(var2 != null && var2.length != 0) { this.c = var1; this.b = var2; ASN1Object var3 = this.a(); try { BIT_STRING var4 = new BIT_STRING(this.b); SEQUENCE var5 = new SEQUENCE(); var5.addComponent(var3); var5.addComponent(this.c.toASN1Object()); var5.addComponent(var4); if(this.l != null && this.l.length > 0) { var5.addComponent(new CON_SPEC(0, ASN.createSequenceOf(this.l))); } this.e = new ASN1(var5); } catch (CodingException var6) { throw new OCSPException(var6.toString()); } this.e(); } else { throw new OCSPException("Cannot set empty signature value!"); } } public void setResponderID(ResponderID var1) { this.f = var1; this.d(); } public void setProducedAt(Date var1) { this.g = new ChoiceOfTime(var1); this.g.setEncodingType(ASN.GeneralizedTime); this.d(); } public void setNonce(byte[] var1) throws X509ExtensionException { this.addExtension(new Nonce(var1)); } private void d() { this.h = true; } public void setCertificates(X509Certificate[] var1) { this.l = var1; this.d(); } public boolean removeExtension(ObjectID var1) { boolean var2 = false; var2 = this.i == null?false:this.i.removeExtension(var1); if(var2) { this.d(); } return var2; } public void removeAllExtensions() { if(this.i != null) { this.i.removeAllExtensions(); this.d(); } this.i = null; } public Enumeration listExtensions() { return this.i == null?null:this.i.listExtensions(); } private void b() throws X509ExtensionException, CodingException { int var1 = 0; ASN1Object var3 = this.e.getComponentAt(0); this.c = new AlgorithmID(this.e.getComponentAt(1)); ASN1Object var4 = this.e.getComponentAt(2); this.b = (byte[])((BIT_STRING)var4).getValue(); if(this.e.countComponents() == 4) { this.l = (X509Certificate[])ASN.parseSequenceOf((ASN1Object)this.e.getComponentAt(3).getValue(), k != null?k:(k = a("iaik.x509.X509Certificate"))); } ASN1Object var2 = var3.getComponentAt(0); if(var2.isA(ASN.CON_SPEC) && var2.getAsnType().getTag() == 0) { BigInteger var5 = (BigInteger)((ASN1Object)var2.getValue()).getValue(); this.a = var5.intValue() + 1; ++var1; } this.f = new ResponderID(var3.getComponentAt(var1)); this.g = new ChoiceOfTime(var3.getComponentAt(1 + var1)); var2 = var3.getComponentAt(2 + var1); this.d = (SingleResponse[])ASN.parseSequenceOf(var2, j != null?j:(j = a("iaik.x509.ocsp.SingleResponse"))); int var6 = 3 + var1; if(var6 < var3.countComponents()) { var2 = var3.getComponentAt(var6); this.i = new OCSPExtensions((ASN1Object)var2.getValue()); } this.e.clearASN1Object(); this.e(); } public boolean hasUnsupportedCriticalExtension() { return this.i == null?false:this.i.hasUnsupportedCriticalExtension(); } public boolean hasExtensions() { return this.i == null?false:this.i.hasExtensions(); } public int getVersion() { return this.a; } public byte[] getTBSResponseData() throws CodingException { try { return this.e != null && this.e.toByteArray() != null?this.e.getFirstObject():DerCoder.encode(this.a()); } catch (OCSPException var2) { throw new CodingException(var2.toString()); } } public SingleResponse[] getSingleResponses() { return this.d; } public SingleResponse getSingleResponse(ReqCert var1) throws OCSPException { return (SingleResponse)this.getCertificateResponse(var1); } public SingleResponse getSingleResponse(X509Certificate var1, X509Certificate var2, GeneralName var3) throws OCSPException { return (SingleResponse)this.getCertificateResponse(var1, var2, var3); } public AlgorithmID getSignatureAlgorithm() { return this.c; } public byte[] getSignature() { return this.b; } public ObjectID getResponseType() { return responseType; } public ResponderID getResponderID() { return this.f; } public Date getProducedAt() { return this.g == null?null:this.g.getDate(); } public byte[] getNonce() throws X509ExtensionInitException { Nonce var1 = (Nonce)this.getExtension(Nonce.oid); return var1 == null?null:var1.getValue(); } public V3Extension getExtension(ObjectID var1) throws X509ExtensionInitException { return this.i == null?null:this.i.getExtension(var1); } public byte[] getEncoded() { this.c(); return this.e.toByteArray(); } public X509Certificate[] getCertificates() { return this.l; } public CertificateResponse getCertificateResponse(ReqCert var1) throws OCSPException { if(this.d != null) { boolean var2 = false; boolean var3 = false; int var4 = 0; while(true) { if(var4 >= this.d.length) { if(var2 || var3) { String var8 = "No response found, but some responses have "; String var9 = var3?"certIDs with different hash algorithms":""; var8 = var8 + (var2?"different ReqCert types " + (var3?"or " + var9:""):(var3?var9:"")); throw new OCSPException(var8); } break; } SingleResponse var5 = this.d[var4]; if(var5.isResponseFor(var1)) { return var5; } if(var1.getType() != var5.getReqCert().getType()) { var2 = true; } else if(!var3 && var1.getType() == 0) { CertID var6 = (CertID)var1.getReqCert(); CertID var7 = (CertID)var5.getReqCert().getReqCert(); if(!var6.getHashAlgorithm().equals(var7.getHashAlgorithm())) { var3 = true; } } ++var4; } } return null; } public CertificateResponse getCertificateResponse(X509Certificate var1, X509Certificate var2, GeneralName var3) throws OCSPException { if(this.d != null) { OCSPException var4 = null; for(int var5 = 0; var5 < this.d.length; ++var5) { SingleResponse var6 = this.d[var5]; try { if(var6.isResponseFor(var1, var2, var3)) { return var6; } } catch (OCSPException var8) { if(var4 == null) { var4 = var8; } } } if(var4 != null) { throw new OCSPException("Cannot check single responses. " + var4.getMessage()); } } return null; } public void decode(byte[] var1) throws CodingException { try { this.e = new ASN1(var1); this.b(); } catch (X509ExtensionException var3) { throw new CodingException(var3.toString()); } } public void decode(InputStream var1) throws IOException { try { this.e = new ASN1(var1); this.b(); } catch (X509ExtensionException var3) { throw new IOException(var3.toString()); } catch (CodingException var4) { throw new IOException(var4.toString()); } } public void decode(ASN1Object var1) throws CodingException { this.e = new ASN1(var1); try { this.b(); } catch (Exception var3) { throw new CodingException(var3.toString()); } } private ASN1Object a() throws OCSPException { if(this.f == null) { throw new OCSPException("Responder ID not set!"); } else if(this.g == null) { throw new OCSPException("ProducedAt date not set!"); } else if(this.d != null && this.d.length != 0) { try { SEQUENCE var1 = new SEQUENCE(); if(this.a > 1) { var1.addComponent(new CON_SPEC(0, new INTEGER(this.a - 1))); } var1.addComponent(this.f.toASN1Object()); var1.addComponent(this.g.toASN1Object()); var1.addComponent(ASN.createSequenceOf(this.d)); if(this.i != null) { var1.addComponent(new CON_SPEC(1, this.i.toASN1Object())); } return var1; } catch (Exception var2) { throw new OCSPException(var2.toString()); } } else { throw new OCSPException("No single responses set!"); } } public int countSingleResponses() { return this.d.length; } public int countExtensions() { return this.i == null?0:this.i.countExtensions(); } public boolean containsCertificates() { return this.l != null && this.l.length > 0; } private void c() { if(this.h) { throw new RuntimeException("Cannot perform operation, certificate has to be signed first"); } } public void addExtension(V3Extension var1) throws X509ExtensionException { if(this.i == null) { this.i = new OCSPExtensions(); } this.i.addExtension(var1); this.d(); } public BasicOCSPResponse(byte[] var1) throws CodingException { this.decode(var1); } public BasicOCSPResponse(InputStream var1) throws CodingException, IOException { this.decode(var1); } public BasicOCSPResponse() { this.a = 1; this.e = new ASN1(); this.d(); } }