/*
* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.provider.certpath;
import java.io.IOException;
import java.util.Objects;
import java.security.SecureRandom;
import sun.security.x509.Extension;
import sun.security.x509.PKIXExtensions;
import sun.security.util.Debug;
import sun.security.util.DerValue;
/**
* Represent the OCSP Nonce Extension.
* This extension, if present, provides a nonce value in OCSP requests
* and responses. This will cryptographically bind requests and responses
* and help to prevent replay attacks (see RFC 6960, section 4.4.1).
*
* @see Extension
*/
public final class OCSPNonceExtension extends Extension {

    /** Name reported by {@link #getName()} and printed by {@link #toString()}. */
    private static final String EXTENSION_NAME = "OCSPNonce";

    // RFC 8954, section 2.1: the length of the nonce MUST be at least 1 octet
    // and can be up to 32 octets.
    private static final int MIN_NONCE_LENGTH = 1;
    private static final int MAX_NONCE_LENGTH = 32;

    // Raw nonce octets without DER wrapping; assigned only once a constructor's
    // length check has passed.
    private byte[] nonceData = null;

    /**
     * Builds a non-critical {@code OCSPNonceExtension} carrying a freshly
     * generated random nonce. The extension OID is "id-pkix-ocsp-nonce"
     * from RFC 6960.
     *
     * @param length the number of random bytes composing the nonce
     *
     * @throws IOException if any errors happen during encoding of the
     *      extension.
     * @throws IllegalArgumentException if length is not in the range of
     *      1 to 32 (this constructor delegates to
     *      {@link #OCSPNonceExtension(boolean, int)}, which enforces it).
     */
    public OCSPNonceExtension(int length) throws IOException {
        this(false, length);
    }

    /**
     * Builds an {@code OCSPNonceExtension} carrying a freshly generated
     * random nonce, with the given criticality. The extension OID is
     * "id-pkix-ocsp-nonce" from RFC 6960. The nonce bytes are drawn from a
     * new {@link SecureRandom} instance.
     *
     * @param isCritical a boolean flag indicating whether the criticality bit
     *      is set for this extension
     * @param length the number of random bytes composing the nonce
     *
     * @throws IOException if any errors happen during encoding of the
     *      extension.
     * @throws IllegalArgumentException if length is not in the range of 1 to 32.
     */
    public OCSPNonceExtension(boolean isCritical, int length)
            throws IOException {
        this.extensionId = PKIXExtensions.OCSPNonce_Id;
        this.critical = isCritical;

        // Reject out-of-range lengths before any randomness is requested.
        if (length < MIN_NONCE_LENGTH || length > MAX_NONCE_LENGTH) {
            throw new IllegalArgumentException(
                    "Length of nonce must be at least 1 byte and can be up to 32 bytes");
        }

        SecureRandom random = new SecureRandom();
        byte[] fresh = new byte[length];
        random.nextBytes(fresh);
        this.nonceData = fresh;

        // The extension value is the nonce wrapped in a DER OCTET STRING.
        DerValue wrapped = new DerValue(DerValue.tag_OctetString, nonceData);
        this.extensionValue = wrapped.toByteArray();
    }

    /**
     * Builds a non-critical {@code OCSPNonceExtension} from a caller-supplied
     * nonce. The extension OID is "id-pkix-ocsp-nonce" from RFC 6960.
     *
     * @param incomingNonce The nonce data to be set for the extension. This
     *      must be a non-null array of at least one byte long and can be up
     *      to 32 bytes.
     *
     * @throws IOException if any errors happen during encoding of the
     *      extension.
     * @throws IllegalArgumentException if the incomingNonce length is not
     *      in the range of 1 to 32 (this constructor delegates to
     *      {@link #OCSPNonceExtension(boolean, byte[])}, which enforces it).
     * @throws NullPointerException if the incomingNonce is null.
     */
    public OCSPNonceExtension(byte[] incomingNonce) throws IOException {
        this(false, incomingNonce);
    }

    /**
     * Builds an {@code OCSPNonceExtension} from a caller-supplied nonce, with
     * the given criticality. The extension OID is "id-pkix-ocsp-nonce" from
     * RFC 6960. The supplied array is copied, so later changes to it by the
     * caller do not affect this extension.
     *
     * @param isCritical a boolean flag indicating whether the criticality bit
     *      is set for this extension
     * @param incomingNonce The nonce data to be set for the extension. This
     *      must be a non-null array of at least one byte long and can be up to
     *      32 bytes.
     *
     * @throws IOException if any errors happen during encoding of the
     *      extension.
     * @throws IllegalArgumentException if the incomingNonce length is not
     *      in the range of 1 to 32.
     * @throws NullPointerException if the incomingNonce is null.
     */
    public OCSPNonceExtension(boolean isCritical, byte[] incomingNonce)
            throws IOException {
        this.extensionId = PKIXExtensions.OCSPNonce_Id;
        this.critical = isCritical;

        Objects.requireNonNull(incomingNonce, "Nonce data must be non-null");

        int suppliedLength = incomingNonce.length;
        if (suppliedLength < MIN_NONCE_LENGTH || suppliedLength > MAX_NONCE_LENGTH) {
            throw new IllegalArgumentException(
                    "Nonce data must be at least 1 byte and can be up to 32 bytes in length");
        }

        // Keep a private copy rather than aliasing the caller's array.
        this.nonceData = incomingNonce.clone();

        // The extension value is the nonce wrapped in a DER OCTET STRING.
        DerValue wrapped = new DerValue(DerValue.tag_OctetString, nonceData);
        this.extensionValue = wrapped.toByteArray();
    }

    /**
     * Return the nonce bytes themselves, without any DER encoding.
     * A copy is handed out so that callers cannot alter the stored nonce.
     * This class contains no logic for matching a response nonce against a
     * request nonce; that check is left to the code that uses it.
     *
     * @return A copy of the underlying nonce bytes
     */
    public byte[] getNonceValue() {
        byte[] copy = nonceData.clone();
        return copy;
    }

    /**
     * Returns a printable representation of the {@code OCSPNonceExtension}:
     * the superclass text, the extension name, and the nonce as rendered by
     * {@code Debug.toString} (empty if no nonce is set), ending in a newline.
     *
     * @return a string representation of the extension.
     */
    @Override
    public String toString() {
        String renderedNonce = (nonceData != null) ? Debug.toString(nonceData) : "";
        return super.toString() + EXTENSION_NAME + ": " + renderedNonce + "\n";
    }

    /**
     * Return the name of the extension as a {@code String}
     *
     * @return the name of the extension
     */
    public String getName() {
        return EXTENSION_NAME;
    }
}