/** Creates a new PopoSigningKeyInput with sender name as authInfo. */ public PopoSigningKeyInput( GeneralName sender, SubjectPublicKeyInfo spki) { this.sender = sender; this.publicKey = spki; }
public PkiHeaderBuilder( int pvno, GeneralName sender, GeneralName recipient) : this(new DerInteger(pvno), sender, recipient) { }
public SemanticsInformation( DerObjectIdentifier semanticsIdentifier, GeneralName[] generalNames) { this.semanticsIdentifier = semanticsIdentifier; this.nameRegistrationAuthorities = generalNames; }
private static Asn1Sequence FromCertificate( X509Certificate certificate) { try { GeneralName genName = new GeneralName( PrincipalUtilities.GetIssuerX509Principal(certificate)); if (certificate.Version == 3) { Asn1OctetString ext = certificate.GetExtensionValue(X509Extensions.SubjectKeyIdentifier); if (ext != null) { Asn1OctetString str = (Asn1OctetString) X509ExtensionUtilities.FromExtensionValue(ext); return (Asn1Sequence) new AuthorityKeyIdentifier( str.GetOctets(), new GeneralNames(genName), certificate.SerialNumber).ToAsn1Object(); } } SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo( certificate.GetPublicKey()); return (Asn1Sequence) new AuthorityKeyIdentifier( info, new GeneralNames(genName), certificate.SerialNumber).ToAsn1Object(); } catch (Exception e) { throw new CertificateParsingException("Exception extracting certificate details", e); } }
/** * create an AccessDescription with the oid and location provided. */ public AccessDescription( DerObjectIdentifier oid, GeneralName location) { accessMethod = oid; accessLocation = location; }
private AccessDescription( Asn1Sequence seq) { if (seq.Count != 2) throw new ArgumentException("wrong number of elements in sequence"); accessMethod = DerObjectIdentifier.GetInstance(seq[0]); accessLocation = GeneralName.GetInstance(seq[1]); }
private SinglePubInfo(Asn1Sequence seq) { pubMethod = DerInteger.GetInstance(seq[0]); if (seq.Count == 2) { pubLocation = GeneralName.GetInstance(seq[1]); } }
private PkiHeaderBuilder( DerInteger pvno, GeneralName sender, GeneralName recipient) { this.pvno = pvno; this.sender = sender; this.recipient = recipient; }
public TbsRequest( GeneralName requestorName, Asn1Sequence requestList, X509Extensions requestExtensions) { this.version = V1; this.requestorName = requestorName; this.requestList = requestList; this.requestExtensions = requestExtensions; }
/** * Set the requestor name to the passed in X509Principal * * @param requestorName a X509Principal representing the requestor name. */ public void SetRequestorName( X509Name requestorName) { try { this.requestorName = new GeneralName(GeneralName.DirectoryName, requestorName); } catch (Exception e) { throw new ArgumentException("cannot encode principal", e); } }
/** * Constructor from Asn1TaggedObject. * * @param tagObj The tagged object. * @throws ArgumentException if the encoding is wrong. */ private Target( Asn1TaggedObject tagObj) { switch ((Choice) tagObj.TagNo) { case Choice.Name: // GeneralName is already a choice so explicit targetName = GeneralName.GetInstance(tagObj, true); break; case Choice.Group: targetGroup = GeneralName.GetInstance(tagObj, true); break; default: throw new ArgumentException("unknown tag: " + tagObj.TagNo); } }
/** * Constructor. * @param roleAuthority the role authority of this RoleSyntax. * @param roleName the role name of this RoleSyntax. */ public RoleSyntax( GeneralNames roleAuthority, GeneralName roleName) { if (roleName == null || roleName.TagNo != GeneralName.UniformResourceIdentifier || ((IAsn1String) roleName.Name).GetString().Equals("")) { throw new ArgumentException("the role name MUST be non empty and MUST " + "use the URI option of GeneralName"); } this.roleAuthority = roleAuthority; this.roleName = roleName; }
/** * Constructor. * @param roleAuthority the role authority of this RoleSyntax. * @param roleName the role name of this RoleSyntax. */ public RoleSyntax( GeneralNames roleAuthority, GeneralName roleName) { if (roleName == null || roleName.TagNo != GeneralName.UniformResourceIdentifier || ((IAsn1String)roleName.Name).GetString().Equals("")) { throw new ArgumentException("the role name MUST be non empty and MUST " + "use the URI option of GeneralName"); } this.roleAuthority = roleAuthority; this.roleName = roleName; }
/** * Constructor from a given details. * * According RFC 3280, the minimum and maximum fields are not used with any * name forms, thus minimum MUST be zero, and maximum MUST be absent. * <p> * If minimum is <code>null</code>, zero is assumed, if * maximum is <code>null</code>, maximum is absent.</p> * * @param baseName * A restriction. * @param minimum * Minimum * * @param maximum * Maximum */ public GeneralSubtree( GeneralName baseName, BigInteger minimum, BigInteger maximum) { this.baseName = baseName; if (minimum != null) { this.minimum = new DerInteger(minimum); } if (maximum != null) { this.maximum = new DerInteger(maximum); } }
private GeneralSubtree( Asn1Sequence seq) { baseName = GeneralName.GetInstance(seq[0]); switch (seq.Count) { case 1: break; case 2: { Asn1TaggedObject o = Asn1TaggedObject.GetInstance(seq[1]); switch (o.TagNo) { case 0: minimum = DerInteger.GetInstance(o, false); break; case 1: maximum = DerInteger.GetInstance(o, false); break; default: throw new ArgumentException("Bad tag number: " + o.TagNo); } break; } case 3: { { Asn1TaggedObject oMin = Asn1TaggedObject.GetInstance(seq[1]); if (oMin.TagNo != 0) throw new ArgumentException("Bad tag number for 'minimum': " + oMin.TagNo); minimum = DerInteger.GetInstance(oMin, false); } { Asn1TaggedObject oMax = Asn1TaggedObject.GetInstance(seq[2]); if (oMax.TagNo != 1) throw new ArgumentException("Bad tag number for 'maximum': " + oMax.TagNo); maximum = DerInteger.GetInstance(oMax, false); } break; } default: throw new ArgumentException("Bad sequence size: " + seq.Count); } }
/** * Constructor from Asn1TaggedObject. * * @param tagObj The tagged object. * @throws ArgumentException if the encoding is wrong. */ private Target( Asn1TaggedObject tagObj) { switch ((Choice)tagObj.TagNo) { case Choice.Name: // GeneralName is already a choice so explicit targetName = GeneralName.GetInstance(tagObj, true); break; case Choice.Group: targetGroup = GeneralName.GetInstance(tagObj, true); break; default: throw new ArgumentException("unknown tag: " + tagObj.TagNo); } }
/** * Constructor from Asn1Sequence. * <p/> * The sequence is of type ProcurationSyntax: * <p/> * <pre> * Admissions ::= SEQUENCE * { * admissionAuthority [0] EXPLICIT GeneralName OPTIONAL * namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL * professionInfos SEQUENCE OF ProfessionInfo * } * </pre> * * @param seq The ASN.1 sequence. */ private Admissions( Asn1Sequence seq) { if (seq.Count > 3) throw new ArgumentException("Bad sequence size: " + seq.Count); IEnumerator e = seq.GetEnumerator(); e.MoveNext(); Asn1Encodable o = (Asn1Encodable) e.Current; if (o is Asn1TaggedObject) { switch (((Asn1TaggedObject)o).TagNo) { case 0: admissionAuthority = GeneralName.GetInstance((Asn1TaggedObject)o, true); break; case 1: namingAuthority = NamingAuthority.GetInstance((Asn1TaggedObject)o, true); break; default: throw new ArgumentException("Bad tag number: " + ((Asn1TaggedObject)o).TagNo); } e.MoveNext(); o = (Asn1Encodable) e.Current; } if (o is Asn1TaggedObject) { switch (((Asn1TaggedObject)o).TagNo) { case 1: namingAuthority = NamingAuthority.GetInstance((Asn1TaggedObject)o, true); break; default: throw new ArgumentException("Bad tag number: " + ((Asn1TaggedObject)o).TagNo); } e.MoveNext(); o = (Asn1Encodable) e.Current; } professionInfos = Asn1Sequence.GetInstance(o); if (e.MoveNext()) { throw new ArgumentException("Bad object encountered: " + e.Current.GetType().Name); } }
private PkiHeader(Asn1Sequence seq) { pvno = DerInteger.GetInstance(seq[0]); sender = GeneralName.GetInstance(seq[1]); recipient = GeneralName.GetInstance(seq[2]); for (int pos = 3; pos < seq.Count; ++pos) { Asn1TaggedObject tObj = (Asn1TaggedObject)seq[pos]; switch (tObj.TagNo) { case 0: messageTime = DerGeneralizedTime.GetInstance(tObj, true); break; case 1: protectionAlg = AlgorithmIdentifier.GetInstance(tObj, true); break; case 2: senderKID = Asn1OctetString.GetInstance(tObj, true); break; case 3: recipKID = Asn1OctetString.GetInstance(tObj, true); break; case 4: transactionID = Asn1OctetString.GetInstance(tObj, true); break; case 5: senderNonce = Asn1OctetString.GetInstance(tObj, true); break; case 6: recipNonce = Asn1OctetString.GetInstance(tObj, true); break; case 7: freeText = PkiFreeText.GetInstance(tObj, true); break; case 8: generalInfo = Asn1Sequence.GetInstance(tObj, true); break; default: throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq"); } } }
private PopoSigningKeyInput(Asn1Sequence seq) { Asn1Encodable authInfo = (Asn1Encodable)seq[0]; if (authInfo is Asn1TaggedObject) { Asn1TaggedObject tagObj = (Asn1TaggedObject)authInfo; if (tagObj.TagNo != 0) { throw new ArgumentException("Unknown authInfo tag: " + tagObj.TagNo, "seq"); } sender = GeneralName.GetInstance(tagObj.GetObject()); } else { publicKeyMac = PKMacValue.GetInstance(authInfo); } publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]); }
private TbsRequest( Asn1Sequence seq) { int index = 0; Asn1Encodable enc = seq[0]; if (enc is Asn1TaggedObject) { Asn1TaggedObject o = (Asn1TaggedObject) enc; if (o.TagNo == 0) { versionSet = true; version = DerInteger.GetInstance(o, true); index++; } else { version = V1; } } else { version = V1; } if (seq[index] is Asn1TaggedObject) { requestorName = GeneralName.GetInstance((Asn1TaggedObject) seq[index++], true); } requestList = (Asn1Sequence) seq[index++]; if (seq.Count == (index + 1)) { requestExtensions = X509Extensions.GetInstance((Asn1TaggedObject) seq[index], true); } }
public GeneralSubtree( GeneralName baseName) : this(baseName, null, null) { }
/// <summary>Construct a GeneralNames object containing one GeneralName.</summary> /// <param name="name">The name to be contained.</param> public GeneralNames( GeneralName name) { names = new GeneralName[] { name }; }
public void SetRequestorName( GeneralName requestorName) { this.requestorName = requestorName; }
private TstInfo( Asn1Sequence seq) { IEnumerator e = seq.GetEnumerator(); // version e.MoveNext(); version = DerInteger.GetInstance(e.Current); // tsaPolicy e.MoveNext(); tsaPolicyId = DerObjectIdentifier.GetInstance(e.Current); // messageImprint e.MoveNext(); messageImprint = MessageImprint.GetInstance(e.Current); // serialNumber e.MoveNext(); serialNumber = DerInteger.GetInstance(e.Current); // genTime e.MoveNext(); genTime = DerGeneralizedTime.GetInstance(e.Current); // default for ordering ordering = DerBoolean.False; while (e.MoveNext()) { Asn1Object o = (Asn1Object) e.Current; if (o is Asn1TaggedObject) { DerTaggedObject tagged = (DerTaggedObject) o; switch (tagged.TagNo) { case 0: tsa = GeneralName.GetInstance(tagged, true); break; case 1: extensions = X509Extensions.GetInstance(tagged, false); break; default: throw new ArgumentException("Unknown tag value " + tagged.TagNo); } } if (o is DerSequence) { accuracy = Accuracy.GetInstance(o); } if (o is DerBoolean) { ordering = DerBoolean.GetInstance(o); } if (o is DerInteger) { nonce = DerInteger.GetInstance(o); } } }
/** * Check if the given GeneralName is contained in the excluded ISet. * * @param name The GeneralName. * @throws PkixNameConstraintValidatorException * If the <code>name</code> is * excluded. */ public void checkExcluded(GeneralName name) // throws PkixNameConstraintValidatorException { switch (name.TagNo) { case 1: CheckExcludedEmail(excludedSubtreesEmail, ExtractNameAsString(name)); break; case 2: checkExcludedDNS(excludedSubtreesDNS, DerIA5String.GetInstance( name.Name).GetString()); break; case 4: CheckExcludedDN(Asn1Sequence.GetInstance(name.Name.ToAsn1Object())); break; case 6: checkExcludedURI(excludedSubtreesURI, DerIA5String.GetInstance( name.Name).GetString()); break; case 7: byte[] ip = Asn1OctetString.GetInstance(name.Name).GetOctets(); checkExcludedIP(excludedSubtreesIP, ip); break; } }
/** * Constructor from given details. * * @param admissionAuthority The admission authority. * @param contentsOfAdmissions The admissions. */ public AdmissionSyntax(GeneralName admissionAuthority, Asn1Sequence contentsOfAdmissions) { _admissionAuthority = admissionAuthority; _contentsOfAdmissions = contentsOfAdmissions; }
/** * If the complete CRL includes an issuing distribution point (IDP) CRL * extension check the following: * <p> * (i) If the distribution point name is present in the IDP CRL extension * and the distribution field is present in the DP, then verify that one of * the names in the IDP matches one of the names in the DP. If the * distribution point name is present in the IDP CRL extension and the * distribution field is omitted from the DP, then verify that one of the * names in the IDP matches one of the names in the cRLIssuer field of the * DP. * </p> * <p> * (ii) If the onlyContainsUserCerts boolean is asserted in the IDP CRL * extension, verify that the certificate does not include the basic * constraints extension with the cA boolean asserted. * </p> * <p> * (iii) If the onlyContainsCACerts boolean is asserted in the IDP CRL * extension, verify that the certificate includes the basic constraints * extension with the cA boolean asserted. * </p> * <p> * (iv) Verify that the onlyContainsAttributeCerts boolean is not asserted. * </p> * * @param dp The distribution point. * @param cert The certificate. * @param crl The CRL. * @throws AnnotatedException if one of the conditions is not met or an error occurs. */ internal static void ProcessCrlB2( DistributionPoint dp, object cert, X509Crl crl) { IssuingDistributionPoint idp = null; try { idp = IssuingDistributionPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(crl, X509Extensions.IssuingDistributionPoint)); } catch (Exception e) { throw new Exception("0 Issuing distribution point extension could not be decoded.", e); } // (b) (2) (i) // distribution point name is present if (idp != null) { if (idp.DistributionPoint != null) { // make list of names DistributionPointName dpName = IssuingDistributionPoint.GetInstance(idp).DistributionPoint; IList names = Platform.CreateArrayList(); if (dpName.PointType == DistributionPointName.FullName) { GeneralName[] genNames = GeneralNames.GetInstance(dpName.Name).GetNames(); for (int j = 0; j < genNames.Length; j++) { names.Add(genNames[j]); } } if (dpName.PointType == DistributionPointName.NameRelativeToCrlIssuer) { Asn1EncodableVector vec = new Asn1EncodableVector(); try { IEnumerator e = Asn1Sequence.GetInstance( Asn1Sequence.FromByteArray(crl.IssuerDN.GetEncoded())).GetEnumerator(); while (e.MoveNext()) { vec.Add((Asn1Encodable)e.Current); } } catch (IOException e) { throw new Exception("Could not read CRL issuer.", e); } vec.Add(dpName.Name); names.Add(new GeneralName(X509Name.GetInstance(new DerSequence(vec)))); } bool matches = false; // verify that one of the names in the IDP matches one // of the names in the DP. if (dp.DistributionPointName != null) { dpName = dp.DistributionPointName; GeneralName[] genNames = null; if (dpName.PointType == DistributionPointName.FullName) { genNames = GeneralNames.GetInstance(dpName.Name).GetNames(); } if (dpName.PointType == DistributionPointName.NameRelativeToCrlIssuer) { if (dp.CrlIssuer != null) { genNames = dp.CrlIssuer.GetNames(); } else { genNames = new GeneralName[1]; try { genNames[0] = new GeneralName( PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert)); } catch (IOException e) { throw new Exception("Could not read certificate issuer.", e); } } for (int j = 0; j < genNames.Length; j++) { IEnumerator e = Asn1Sequence.GetInstance(genNames[j].Name.ToAsn1Object()).GetEnumerator(); Asn1EncodableVector vec = new Asn1EncodableVector(); while (e.MoveNext()) { vec.Add((Asn1Encodable)e.Current); } vec.Add(dpName.Name); genNames[j] = new GeneralName(X509Name.GetInstance(new DerSequence(vec))); } } if (genNames != null) { for (int j = 0; j < genNames.Length; j++) { if (names.Contains(genNames[j])) { matches = true; break; } } } if (!matches) { throw new Exception( "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point."); } } // verify that one of the names in // the IDP matches one of the names in the cRLIssuer field of // the DP else { if (dp.CrlIssuer == null) { throw new Exception("Either the cRLIssuer or the distributionPoint field must " + "be contained in DistributionPoint."); } GeneralName[] genNames = dp.CrlIssuer.GetNames(); for (int j = 0; j < genNames.Length; j++) { if (names.Contains(genNames[j])) { matches = true; break; } } if (!matches) { throw new Exception( "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point."); } } } BasicConstraints bc = null; try { bc = BasicConstraints.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue( (IX509Extension)cert, X509Extensions.BasicConstraints)); } catch (Exception e) { throw new Exception("Basic constraints extension could not be decoded.", e); } //if (cert is X509Certificate) { // (b) (2) (ii) if (idp.OnlyContainsUserCerts && ((bc != null) && bc.IsCA())) { throw new Exception("CA Cert CRL only contains user certificates."); } // (b) (2) (iii) if (idp.OnlyContainsCACerts && (bc == null || !bc.IsCA())) { throw new Exception("End CRL only contains CA certificates."); } } // (b) (2) (iv) if (idp.OnlyContainsAttributeCerts) { throw new Exception("onlyContainsAttributeCerts boolean is asserted."); } } }
internal static void ProcessCertBC( PkixCertPath certPath, int index, PkixNameConstraintValidator nameConstraintValidator) //throws CertPathValidatorException { IList certs = certPath.Certificates; X509Certificate cert = (X509Certificate)certs[index]; int n = certs.Count; // i as defined in the algorithm description int i = n - index; // // (b), (c) permitted and excluded subtree checking. // if (!(PkixCertPathValidatorUtilities.IsSelfIssued(cert) && (i < n))) { X509Name principal = cert.SubjectDN; Asn1InputStream aIn = new Asn1InputStream(principal.GetEncoded()); Asn1Sequence dns; try { dns = DerSequence.GetInstance(aIn.ReadObject()); } catch (Exception e) { throw new PkixCertPathValidatorException( "Exception extracting subject name when checking subtrees.", e, certPath, index); } try { nameConstraintValidator.CheckPermittedDN(dns); nameConstraintValidator.CheckExcludedDN(dns); } catch (PkixNameConstraintValidatorException e) { throw new PkixCertPathValidatorException( "Subtree check for certificate subject failed.", e, certPath, index); } GeneralNames altName = null; try { altName = GeneralNames.GetInstance( PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.SubjectAlternativeName)); } catch (Exception e) { throw new PkixCertPathValidatorException( "Subject alternative name extension could not be decoded.", e, certPath, index); } IList emails = X509Name.GetInstance(dns).GetValueList(X509Name.EmailAddress); foreach (string email in emails) { GeneralName emailAsGeneralName = new GeneralName(GeneralName.Rfc822Name, email); try { nameConstraintValidator.checkPermitted(emailAsGeneralName); nameConstraintValidator.checkExcluded(emailAsGeneralName); } catch (PkixNameConstraintValidatorException ex) { throw new PkixCertPathValidatorException( "Subtree check for certificate subject alternative email failed.", ex, certPath, index); } } if (altName != null) { GeneralName[] genNames = null; try { genNames = altName.GetNames(); } catch (Exception e) { throw new PkixCertPathValidatorException( "Subject alternative name contents could not be decoded.", e, certPath, index); } foreach (GeneralName genName in genNames) { try { nameConstraintValidator.checkPermitted(genName); nameConstraintValidator.checkExcluded(genName); } catch (PkixNameConstraintValidatorException e) { throw new PkixCertPathValidatorException( "Subtree check for certificate subject alternative name failed.", e, certPath, index); } } } } }
public AuthorityInformationAccess( DerObjectIdentifier oid, GeneralName location) { this.descriptions = new AccessDescription[] { new AccessDescription(oid, location) }; }
/** * Constructor from given details. * <p> * Exactly one of the parameters must be not <code>null</code>.</p> * * @param type the choice type to apply to the name. * @param name the general name. * @throws ArgumentException if type is invalid. */ public Target( Choice type, GeneralName name) : this(new DerTaggedObject((int)type, name)) { }
public SemanticsInformation( GeneralName[] generalNames) { this.nameRegistrationAuthorities = generalNames; }
/** * Constructor. Invoking this constructor is the same as invoking * <code>new RoleSyntax(null, roleName)</code>. * @param roleName the role name of this RoleSyntax. */ public RoleSyntax( GeneralName roleName) : this(null, roleName) { }
/** * Constructor from Asn1Sequence. * <p/> * The sequence is of type ProcurationSyntax: * <p/> * <pre> * AdmissionSyntax ::= SEQUENCE * { * admissionAuthority GeneralName OPTIONAL, * contentsOfAdmissions SEQUENCE OF Admissions * } * <p/> * Admissions ::= SEQUENCE * { * admissionAuthority [0] EXPLICIT GeneralName OPTIONAL * namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL * professionInfos SEQUENCE OF ProfessionInfo * } * <p/> * NamingAuthority ::= SEQUENCE * { * namingAuthorityId OBJECT IDENTIFIER OPTIONAL, * namingAuthorityUrl IA5String OPTIONAL, * namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL * } * <p/> * ProfessionInfo ::= SEQUENCE * { * namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL, * professionItems SEQUENCE OF DirectoryString (SIZE(1..128)), * professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL, * registrationNumber PrintableString(SIZE(1..128)) OPTIONAL, * addProfessionInfo OCTET STRING OPTIONAL * } * </pre> * * @param seq The ASN.1 sequence. */ private AdmissionSyntax(Asn1Sequence seq) { switch (seq.Count) { case 1: _contentsOfAdmissions = Asn1Sequence.GetInstance(seq[0]); break; case 2: _admissionAuthority = GeneralName.GetInstance(seq[0]); _contentsOfAdmissions = Asn1Sequence.GetInstance(seq[1]); break; default: throw new ArgumentException("Bad sequence size: " + seq.Count); } }
private CertId(Asn1Sequence seq) { issuer = GeneralName.GetInstance(seq[0]); serialNumber = DerInteger.GetInstance(seq[1]); }
public void SetTsa( GeneralName tsa) { this.tsa = tsa; }
private object[] GetNames( GeneralName[] names) { int count = 0; for (int i = 0; i != names.Length; i++) { if (names[i].TagNo == GeneralName.DirectoryName) { ++count; } } object[] result = new object[count]; int pos = 0; for (int i = 0; i != names.Length; i++) { if (names[i].TagNo == GeneralName.DirectoryName) { result[pos++] = X509Name.GetInstance(names[i].Name); } } return result; }
private String ExtractNameAsString(GeneralName name) { return DerIA5String.GetInstance(name.Name).GetString(); }
public TstInfo( DerObjectIdentifier tsaPolicyId, MessageImprint messageImprint, DerInteger serialNumber, DerGeneralizedTime genTime, Accuracy accuracy, DerBoolean ordering, DerInteger nonce, GeneralName tsa, X509Extensions extensions) { this.version = new DerInteger(1); this.tsaPolicyId = tsaPolicyId; this.messageImprint = messageImprint; this.serialNumber = serialNumber; this.genTime = genTime; this.accuracy = accuracy; this.ordering = ordering; this.nonce = nonce; this.tsa = tsa; this.extensions = extensions; }