Add direct TBSCertificate constructor

Author: peterdettman

core/src/main/java/org/bouncycastle/asn1/x509/TBSCertificate.java

@@ -146,6 +146,49 @@ else if (!version.hasValue(2))
         }
     }
 
+    public TBSCertificate(ASN1Integer version, ASN1Integer serialNumber, AlgorithmIdentifier signature,
+        X500Name issuer, Validity validity, X500Name subject, SubjectPublicKeyInfo subjectPublicKeyInfo,
+        ASN1BitString issuerUniqueId, ASN1BitString subjectUniqueId, Extensions extensions)
+    {
+        if (serialNumber == null)
+        {
+            throw new NullPointerException("'serialNumber' cannot be null");
+        }
+        if (signature == null)
+        {
+            throw new NullPointerException("'signature' cannot be null");
+        }
+        if (issuer == null)
+        {
+            throw new NullPointerException("'issuer' cannot be null");
+        }
+        if (validity == null)
+        {
+            throw new NullPointerException("'validity' cannot be null");
+        }
+        if (subject == null)
+        {
+            throw new NullPointerException("'subject' cannot be null");
+        }
+        if (subjectPublicKeyInfo == null)
+        {
+            throw new NullPointerException("'subjectPublicKeyInfo' cannot be null");
+        }
+
+        this.version = version != null ? version : new ASN1Integer(0);
+        this.serialNumber = serialNumber;
+        this.signature = signature;
+        this.issuer = issuer;
+        this.validity = validity;
+        this.subject = subject;
+        this.subjectPublicKeyInfo = subjectPublicKeyInfo;
+        this.issuerUniqueId = issuerUniqueId;
+        this.subjectUniqueId = subjectUniqueId;
+        this.extensions = extensions;
+
+        this.seq = null;
+    }
+
     public int getVersionNumber()
     {
         return version.intValueExact() + 1;
@@ -213,17 +256,20 @@ public Extensions getExtensions()
 
     public ASN1Primitive toASN1Primitive()
     {
-        if (Properties.getPropertyValue("org.bouncycastle.x509.allow_non-der_tbscert") != null)
+        if (seq != null)
         {
-            if (Properties.isOverrideSet("org.bouncycastle.x509.allow_non-der_tbscert"))
+            if (Properties.getPropertyValue("org.bouncycastle.x509.allow_non-der_tbscert") != null)
+            {
+                if (Properties.isOverrideSet("org.bouncycastle.x509.allow_non-der_tbscert"))
+                {
+                    return seq;
+                }
+            }
+            else
             {
                 return seq;
             }
         }
-        else
-        {
-            return seq;
-        }
 
         ASN1EncodableVector v = new ASN1EncodableVector(10);
 

core/src/main/java/org/bouncycastle/asn1/x509/V1TBSCertificateGenerator.java

@@ -1,9 +1,7 @@
 package org.bouncycastle.asn1.x509;
 
-import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1Integer;
 import org.bouncycastle.asn1.ASN1UTCTime;
-import org.bouncycastle.asn1.DERSequence;
 import org.bouncycastle.asn1.DERTaggedObject;
 import org.bouncycastle.asn1.x500.X500Name;
 
@@ -124,16 +122,8 @@ public TBSCertificate generateTBSCertificate()
             throw new IllegalStateException("not all mandatory fields set in V1 TBScertificate generator");
         }
 
-        ASN1EncodableVector seq = new ASN1EncodableVector(6);
-
-        // seq.add(version); - not required as default value.
-        seq.add(serialNumber);
-        seq.add(signature);
-        seq.add(issuer);
-        seq.add(validity != null ? validity : new Validity(startDate, endDate));
-        seq.add(subject);
-        seq.add(subjectPublicKeyInfo);
-
-        return TBSCertificate.getInstance(new DERSequence(seq));
+        return new TBSCertificate(new ASN1Integer(0), serialNumber, signature, issuer,
+            validity != null ? validity : new Validity(startDate, endDate), subject, subjectPublicKeyInfo, null,
+            null, null);
     }
 }

core/src/main/java/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java

@@ -29,9 +29,9 @@
  */
 public class V3TBSCertificateGenerator
 {
-    DERTaggedObject         version = new DERTaggedObject(true, 0, new ASN1Integer(2));
+    private static final DERTaggedObject VERSION = new DERTaggedObject(true, 0, new ASN1Integer(2));
 
-    ASN1Integer              serialNumber;
+    ASN1Integer             serialNumber;
     AlgorithmIdentifier     signature;
     X500Name                issuer;
     Validity                validity;
@@ -175,21 +175,11 @@ public ASN1Sequence generatePreTBSCertificate()
             throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
         }
 
-        return generateTBSStructure();
-    }
-
-    private ASN1Sequence generateTBSStructure()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector(10);
+        ASN1EncodableVector v = new ASN1EncodableVector(9);
 
-        v.add(version);
+        v.add(VERSION);
         v.add(serialNumber);
-
-        if (signature != null)
-        {
-            v.add(signature);
-        }
-        
+        // No signature
         v.add(issuer);
         v.add(validity != null ? validity : new Validity(startDate, endDate));
         v.add(subject != null ? subject : X500Name.getInstance(new DERSequence()));
@@ -222,6 +212,9 @@ public TBSCertificate generateTBSCertificate()
             throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
         }
 
-        return TBSCertificate.getInstance(generateTBSStructure());
+        return new TBSCertificate(new ASN1Integer(2), serialNumber, signature, issuer,
+            validity != null ? validity : new Validity(startDate, endDate),
+            subject != null ? subject : X500Name.getInstance(new DERSequence()), subjectPublicKeyInfo,
+            issuerUniqueID, subjectUniqueID, extensions);
     }
 }