Add an1.x509.Validity

peterdettman · peterdettman · commit a1ee07b1c901 · 2024-11-05T19:56:00.000+07:00
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/Certificate.java b/core/src/main/java/org/bouncycastle/asn1/x509/Certificate.java
@@ -94,6 +94,11 @@ public X500Name getIssuer()
         return tbsCert.getIssuer();
     }
 
+    public Validity getValidity()
+    {
+        return tbsCert.getValidity();
+    }
+
     public Time getStartDate()
     {
         return tbsCert.getStartDate();
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/TBSCertificate.java b/core/src/main/java/org/bouncycastle/asn1/x509/TBSCertificate.java
@@ -41,7 +41,7 @@ public class TBSCertificate
     ASN1Integer             serialNumber;
     AlgorithmIdentifier     signature;
     X500Name                issuer;
-    Time                    startDate, endDate;
+    Validity                validity;
     X500Name                subject;
     SubjectPublicKeyInfo    subjectPublicKeyInfo;
     ASN1BitString           issuerUniqueId;
@@ -110,20 +110,8 @@ else if (!version.hasValue(2))
 
         signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
         issuer = X500Name.getInstance(seq.getObjectAt(seqStart + 3));
-
-        //
-        // before and after dates
-        //
-        ASN1Sequence  dates = (ASN1Sequence)seq.getObjectAt(seqStart + 4);
-
-        startDate = Time.getInstance(dates.getObjectAt(0));
-        endDate = Time.getInstance(dates.getObjectAt(1));
-
+        validity = Validity.getInstance(seq.getObjectAt(seqStart + 4));
         subject = X500Name.getInstance(seq.getObjectAt(seqStart + 5));
-
-        //
-        // public key info.
-        //
         subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));
 
         int extras = seq.size() - (seqStart + 6) - 1;
@@ -183,14 +171,19 @@ public X500Name getIssuer()
         return issuer;
     }
 
+    public Validity getValidity()
+    {
+        return validity;
+    }
+
     public Time getStartDate()
     {
-        return startDate;
+        return validity.getNotBefore();
     }
 
     public Time getEndDate()
     {
-        return endDate;
+        return validity.getNotAfter();
     }
 
     public X500Name getSubject()
@@ -243,21 +236,8 @@ public ASN1Primitive toASN1Primitive()
         v.add(serialNumber);
         v.add(signature);
         v.add(issuer);
-
-        //
-        // before and after dates
-        //
-        v.add(new DERSequence(startDate, endDate));
-
-        if (subject != null)
-        {
-            v.add(subject);
-        }
-        else
-        {
-            v.add(new DERSequence());
-        }
-
+        v.add(validity);
+        v.add(subject);
         v.add(subjectPublicKeyInfo);
 
         // Note: implicit tag
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/TBSCertificateStructure.java b/core/src/main/java/org/bouncycastle/asn1/x509/TBSCertificateStructure.java
@@ -40,7 +40,7 @@ public class TBSCertificateStructure
     ASN1Integer             serialNumber;
     AlgorithmIdentifier     signature;
     X500Name                issuer;
-    Time                    startDate, endDate;
+    Validity                validity;
     X500Name                subject;
     SubjectPublicKeyInfo    subjectPublicKeyInfo;
     ASN1BitString           issuerUniqueId;
@@ -93,20 +93,8 @@ public TBSCertificateStructure(
 
         signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
         issuer = X500Name.getInstance(seq.getObjectAt(seqStart + 3));
-
-        //
-        // before and after dates
-        //
-        ASN1Sequence  dates = (ASN1Sequence)seq.getObjectAt(seqStart + 4);
-
-        startDate = Time.getInstance(dates.getObjectAt(0));
-        endDate = Time.getInstance(dates.getObjectAt(1));
-
+        validity = Validity.getInstance(seq.getObjectAt(seqStart + 4));
         subject = X500Name.getInstance(seq.getObjectAt(seqStart + 5));
-
-        //
-        // public key info.
-        //
         subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));
 
         for (int extras = seq.size() - (seqStart + 6) - 1; extras > 0; extras--)
@@ -152,14 +140,19 @@ public X500Name getIssuer()
         return issuer;
     }
 
+    public Validity getValidity()
+    {
+        return validity;
+    }
+
     public Time getStartDate()
     {
-        return startDate;
+        return validity.getNotBefore();
     }
 
     public Time getEndDate()
     {
-        return endDate;
+        return validity.getNotAfter();
     }
 
     public X500Name getSubject()
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/V1TBSCertificateGenerator.java b/core/src/main/java/org/bouncycastle/asn1/x509/V1TBSCertificateGenerator.java
@@ -29,6 +29,7 @@ public class V1TBSCertificateGenerator
     ASN1Integer              serialNumber;
     AlgorithmIdentifier     signature;
     X500Name                issuer;
+    Validity                validity;
     Time                    startDate, endDate;
     X500Name                subject;
     SubjectPublicKeyInfo    subjectPublicKeyInfo;
@@ -64,28 +65,33 @@ public void setIssuer(
         this.issuer = issuer;
     }
 
-    public void setStartDate(
-        Time startDate)
+    public void setValidity(Validity validity)
     {
+        this.validity = validity;
+        this.startDate = null;
+        this.endDate = null;
+    }
+
+    public void setStartDate(Time startDate)
+    {
+        this.validity = null;
         this.startDate = startDate;
     }
 
-    public void setStartDate(
-        ASN1UTCTime startDate)
+    public void setStartDate(ASN1UTCTime startDate)
     {
-        this.startDate = new Time(startDate);
+        setStartDate(new Time(startDate));
     }
 
-    public void setEndDate(
-        Time endDate)
+    public void setEndDate(Time endDate)
     {
+        this.validity = null;
         this.endDate = endDate;
     }
 
-    public void setEndDate(
-        ASN1UTCTime endDate)
+    public void setEndDate(ASN1UTCTime endDate)
     {
-        this.endDate = new Time(endDate);
+        setEndDate(new Time(endDate));
     }
 
     /**
@@ -111,9 +117,9 @@ public void setSubjectPublicKeyInfo(
 
     public TBSCertificate generateTBSCertificate()
     {
-        if ((serialNumber == null) || (signature == null)
-            || (issuer == null) || (startDate == null) || (endDate == null)
-            || (subject == null) || (subjectPublicKeyInfo == null))
+        if ((serialNumber == null) || (signature == null) || (issuer == null) ||
+            (validity == null && (startDate == null || endDate == null)) ||
+            (subject == null) || (subjectPublicKeyInfo == null))
         {
             throw new IllegalStateException("not all mandatory fields set in V1 TBScertificate generator");
         }
@@ -124,14 +130,8 @@ public TBSCertificate generateTBSCertificate()
         seq.add(serialNumber);
         seq.add(signature);
         seq.add(issuer);
-
-        //
-        // before and after dates
-        //
-        seq.add(new DERSequence(startDate, endDate));
-
+        seq.add(validity != null ? validity : new Validity(startDate, endDate));
         seq.add(subject);
-
         seq.add(subjectPublicKeyInfo);
 
         return TBSCertificate.getInstance(new DERSequence(seq));
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java b/core/src/main/java/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java
@@ -34,6 +34,7 @@ public class V3TBSCertificateGenerator
     ASN1Integer              serialNumber;
     AlgorithmIdentifier     signature;
     X500Name                issuer;
+    Validity                validity;
     Time                    startDate, endDate;
     X500Name                subject;
     SubjectPublicKeyInfo    subjectPublicKeyInfo;
@@ -73,31 +74,36 @@ public void setIssuer(
     {
         this.issuer = issuer;
     }
-    
-    public void setStartDate(
-        ASN1UTCTime startDate)
+
+    public void setValidity(Validity validity)
     {
-        this.startDate = new Time(startDate);
+        this.validity = validity;
+        this.startDate = null;
+        this.endDate = null;
     }
 
-    public void setStartDate(
-        Time startDate)
+    public void setStartDate(Time startDate)
     {
+        this.validity = null;
         this.startDate = startDate;
     }
 
-    public void setEndDate(
-        ASN1UTCTime endDate)
+    public void setStartDate(ASN1UTCTime startDate)
     {
-        this.endDate = new Time(endDate);
+        setStartDate(new Time(startDate));
     }
 
-    public void setEndDate(
-        Time endDate)
+    public void setEndDate(Time endDate)
     {
+        this.validity = null;
         this.endDate = endDate;
     }
 
+    public void setEndDate(ASN1UTCTime endDate)
+    {
+        setEndDate(new Time(endDate));
+    }
+
         /**
      * @deprecated use X500Name method
      */
@@ -162,9 +168,9 @@ public ASN1Sequence generatePreTBSCertificate()
         {
             throw new IllegalStateException("signature field should not be set in PreTBSCertificate");
         }
-        if ((serialNumber == null)
-            || (issuer == null) || (startDate == null) || (endDate == null)
-            || (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
+        if ((serialNumber == null) || (issuer == null) ||
+            (validity == null && (startDate == null || endDate == null)) ||
+            (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
         {
             throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
         }
@@ -185,21 +191,8 @@ private ASN1Sequence generateTBSStructure()
         }
         
         v.add(issuer);
-
-        //
-        // before and after dates
-        //
-        v.add(new DERSequence(startDate, endDate));
-
-        if (subject != null)
-        {
-            v.add(subject);
-        }
-        else
-        {
-            v.add(new DERSequence());
-        }
-
+        v.add(validity != null ? validity : new Validity(startDate, endDate));
+        v.add(subject != null ? subject : X500Name.getInstance(new DERSequence()));
         v.add(subjectPublicKeyInfo);
 
         if (issuerUniqueID != null)
@@ -222,9 +215,9 @@ private ASN1Sequence generateTBSStructure()
 
     public TBSCertificate generateTBSCertificate()
     {
-        if ((serialNumber == null) || (signature == null)
-            || (issuer == null) || (startDate == null) || (endDate == null)
-            || (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
+        if ((serialNumber == null) || (signature == null) || (issuer == null) ||
+            (validity == null && (startDate == null || endDate == null)) ||
+            (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
         {
             throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
         }
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/Validity.java b/core/src/main/java/org/bouncycastle/asn1/x509/Validity.java
diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/X509CertificateStructure.java b/core/src/main/java/org/bouncycastle/asn1/x509/X509CertificateStructure.java

Original file line number	Diff line number	Diff line change
`@@ -94,6 +94,11 @@ public X500Name getIssuer()`
`94`	`94`	`return tbsCert.getIssuer();`
`95`	`95`	`}`
`96`	`96`
	`97`	`+ public Validity getValidity()`
	`98`	`+ {`
	`99`	`+ return tbsCert.getValidity();`
	`100`	`+ }`
	`101`	`+`
`97`	`102`	`public Time getStartDate()`
`98`	`103`	`{`
`99`	`104`	`return tbsCert.getStartDate();`