Java Cryptography & X.509 Authentication 

by Snezana Sucurovic and Zoran Jovanovic 



Listing One



(a)
Certificate  ::=  SIGNED { SEQUENCE {
            version                  [0]     Version DEFAULT v1,
            serialNumber                     CertificateSerialNumber,
            signature                        AlgorithmIdentifier,
            issuer                           Name,
            validity                         Validity,
            subject                          Name,
            subjectPublicKeyInfo             SubjectPublicKeyInfo,
            issuerUniqueIdentifier   [1]     IMPLICIT UniqueIdentifier OPTIONAL,
            subjectUniqueIdentifier  [2]     IMPLICIT UniqueIdentifier OPTIONAL,
            extensions               [3]     Extensions OPTIONAL       }}

Validity  ::=  SEQUENCE {
            notBefore                        Time,
            notAfter                         Time
}

(b)
Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension

Extension  ::=  SEQUENCE  {
      extnId        OBJECT IDENTIFIER,
      critical      BOOLEAN DEFAULT FALSE,
      extnValue     OCTET STRING
        -- DER coded value
  }





Listing Two



SubjectPublicKeyInfo  ::=  SEQUENCE {
    algorithm           AlgorithmIdentifier,
    subjectPublicKey    BIT STRING
     }

AlgorithmIdentifier  ::=  SEQUENCE {
    algorithm       OBJECT IDENTIFIER,
    parameters      ANY DEFINED BY algorithm OPTIONAL
     }





Listing Three



    PrivateKeyInfo  ::=  SEQUENCE {
        version                 Version,
        privateKeyAlgorithm     PrivateKeyAlgorithmIdentifier,
        privateKey              PrivateKey,
        attributes          [0] IMPLICIT Attributes OPTIONAL
    }

    Version                         ::=   INTEGER
    PrivateKeyAlgorithmIdentifier   ::=   AlgorithmIdentifier
    PrivateKey                      ::=   OCTET STRING
    Attributes                      ::=   SET OF Attribute





Listing Four



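      // X509CertInfo, CertificateVersion and X509CertImpl are JDK-internal
      // classes from the sun.security.x509 package.
      X509CertInfo certinfo = new X509CertInfo();
      CertificateVersion cv = new CertificateVersion(CertificateVersion.V3);
      // ... etc
      certinfo.set(X509CertInfo.VERSION, cv);
      // ... etc
      X509CertImpl cert = new X509CertImpl(certinfo);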





Listing Five



(a)
Magic number (big-endian integer),
Version of this file format (big-endian integer),
Count (big-endian integer),
followed by "count" instances of either:
    {
     tag=1 (big-endian integer),
     alias (UTF string)
     timestamp
     encrypted private-key info according to PKCS #8
         (integer length followed by encoding)
     cert chain (integer count, then certs; for each cert,
         integer length followed by encoding)
    }

(b)
    {
     tag=2 (big-endian integer)
     alias (UTF string)
     timestamp
     cert (integer length followed by encoding)
    }
ended by a keyed SHA1 hash (bytes only) of
    { password + whitener + preceding body }
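
The layout in Listing Five can be walked and its trailing keyed SHA1 hash checked with a short reader; this is an added example in Python, not code from the article or the JDK. The magic number 0xFEEDFEED, the whitener string "Mighty Aphrodite", the two-bytes-per-character password encoding, the 8-byte timestamp and the cert-type string that file-format version 2 writes before each certificate are taken from Sun's JKS provider rather than from the listing; the function names and sample keystore are hypothetical.

```python
import hashlib, hmac, io, struct

MAGIC = 0xFEEDFEED                 # JKS magic number (assumption: not stated in the listing)
WHITENER = b"Mighty Aphrodite"     # whitener constant of Sun's JKS provider (assumption)

def keyed_sha1(password, body):
    # Password is hashed as two bytes per char (UTF-16BE), then whitener, then body.
    return hashlib.sha1(password.encode("utf-16-be") + WHITENER + body).digest()

def _read(f, fmt):
    return struct.unpack(fmt, f.read(struct.calcsize(fmt)))[0]

def _utf(f):                       # 2-byte length + bytes (plain-ASCII aliases assumed)
    return f.read(_read(f, ">H")).decode("utf-8")

def _cert(f, version):             # version 2 stores a cert-type string before each cert
    ctype = _utf(f) if version == 2 else "X.509"
    return ctype, f.read(_read(f, ">i"))

def parse_jks(data, password):
    body, digest = data[:-20], data[-20:]
    if not hmac.compare_digest(keyed_sha1(password, body), digest):
        raise ValueError("integrity check failed: wrong password or altered keystore")
    f = io.BytesIO(body)
    magic, version, count = _read(f, ">I"), _read(f, ">i"), _read(f, ">i")
    if magic != MAGIC or version not in (1, 2):
        raise ValueError("not a JKS keystore")
    entries = []
    for _ in range(count):
        tag, alias, ts = _read(f, ">i"), _utf(f), _read(f, ">q")
        if tag == 1:               # private key (encrypted PKCS #8) plus cert chain
            key = f.read(_read(f, ">i"))
            chain = [_cert(f, version) for _ in range(_read(f, ">i"))]
            entries.append(("key", alias, ts, key, chain))
        elif tag == 2:             # trusted certificate
            entries.append(("cert", alias, ts, None, [_cert(f, version)]))
        else:
            raise ValueError(f"unknown entry tag {tag}")
    return version, entries

def build_sample(password):
    # Constructed input: one tag=2 entry whose "certificate" is placeholder bytes.
    utf = lambda s: struct.pack(">H", len(s)) + s.encode()
    cert = b"PLACEHOLDER-NOT-A-REAL-DER-CERT"
    body = struct.pack(">Iii", MAGIC, 2, 1)
    body += struct.pack(">i", 2) + utf("demo-ca") + struct.pack(">q", 1000)
    body += utf("X.509") + struct.pack(">i", len(cert)) + cert
    return body + keyed_sha1(password, body)
```

The trailing hash only detects modification of the store by someone who does not know the password; it is computed before any entry is trusted, so a wrong password and a tampered file fail the same way.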









