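/**
 * Returns a parser for the unprotected attributes, taking the next object
 * from the underlying sequence parser if one has not been read already.
 *
 * @return a set parser over the attributes, or {@code null} when the
 *         sequence has no further object.
 * @throws IOException if the next object cannot be read, or if it is not a
 *         tagged object.
 */
public ASN1SetParser getUnprotectedAttrs() throws IOException {
    if (_nextObject == null) {
        _nextObject = _seq.readObject();
    }

    if (_nextObject == null) {
        return null;
    }

    ASN1Encodable o = _nextObject;
    _nextObject = null;

    // The object comes from parsed input, so its type is not guaranteed.
    // Report a malformed structure through the declared IOException rather
    // than letting an unchecked ClassCastException escape to the caller.
    if (!(o instanceof ASN1TaggedObjectParser)) {
        throw new IOException(
            "unprotected attributes: expected tagged object, found " + o.getClass().getName());
    }

    return (ASN1SetParser)((ASN1TaggedObjectParser)o).getObjectParser(BERTags.SET, false);
}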
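/**
 * Derives the digest algorithm identifier implied by a signature algorithm
 * identifier.
 *
 * <p>For RSASSA-PSS the hash algorithm is read from the signature
 * algorithm's own parameters; for every other algorithm it is looked up in
 * {@code sigAlgOidToDigestMap}.
 *
 * @param sigAlgId the signature algorithm identifier.
 * @return an AlgorithmIdentifier for the digest, with DER NULL parameters.
 * @throws NoSuchAlgorithmException if the signature algorithm is not known,
 *         or if an RSASSA-PSS identifier carries no parameters.
 */
public static AlgorithmIdentifier extractDigesetAlgFromSigAlg(AlgorithmIdentifier sigAlgId)
        throws NoSuchAlgorithmException {
    ASN1ObjectIdentifier algOid = sigAlgId.getAlgorithm();

    ASN1ObjectIdentifier digestAlgOid;
    if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) {
        ASN1Encodable asn1Encodable = sigAlgId.getParameters();
        RSASSAPSSparams param = RSASSAPSSparams.getInstance(asn1Encodable);
        // Without parameters there is no hash algorithm to read. Fail with
        // the declared exception instead of a NullPointerException, since the
        // identifier may come from an externally supplied structure.
        if (param == null) {
            throw new NoSuchAlgorithmException(
                "RSASSA-PSS signature algorithm without parameters");
        }
        digestAlgOid = param.getHashAlgorithm().getAlgorithm();
    } else {
        HashAlgoType digestAlg = sigAlgOidToDigestMap.get(algOid);
        if (digestAlg == null) {
            throw new NoSuchAlgorithmException("unknown signature algorithm " + algOid.getId());
        }
        digestAlgOid = digestAlg.oid();
    }

    return new AlgorithmIdentifier(digestAlgOid, DERNull.INSTANCE);
}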
/**
 * Tests whether any directoryName entry in {@code targets} equals
 * {@code subject}.
 *
 * @param subject the principal to look for.
 * @param targets the general names to search.
 * @return true on the first directoryName that equals the subject, false
 *         otherwise.
 */
private boolean matchesDN(X500Principal subject, GeneralNames targets) {
    for (GeneralName candidate : targets.getNames()) {
        if (candidate.getTagNo() != GeneralName.directoryName) {
            continue;
        }

        try {
            byte[] encodedName = ((ASN1Encodable)candidate.getName()).toASN1Primitive().getEncoded();
            X500Principal principal = new X500Principal(encodedName);
            if (principal.equals(subject)) {
                return true;
            }
        } catch (IOException e) {
            // A name that cannot be encoded is treated as a non-match and the
            // search continues, so an encoding failure never yields "true".
        }
    }

    return false;
}
/**
 * Tests whether any directoryName entry in {@code targets} equals
 * {@code subject}.
 *
 * @param subject the principal to look for.
 * @param targets the general names to search.
 * @return true on the first directoryName that equals the subject, false
 *         otherwise.
 */
private boolean matchesDN(X509Principal subject, GeneralNames targets) {
    for (GeneralName candidate : targets.getNames()) {
        if (candidate.getTagNo() != GeneralName.directoryName) {
            continue;
        }

        try {
            byte[] encodedName = ((ASN1Encodable)candidate.getName()).toASN1Primitive().getEncoded();
            X509Principal principal = new X509Principal(encodedName);
            if (principal.equals(subject)) {
                return true;
            }
        } catch (IOException e) {
            // A name that cannot be encoded is treated as a non-match and the
            // search continues, so an encoding failure never yields "true".
        }
    }

    return false;
}
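/**
 * Converts the directoryName entries of {@code names} into X500Principal
 * objects; entries of any other type are skipped.
 *
 * @param names the general names to convert.
 * @return an array holding one X500Principal per directoryName entry, in
 *         input order.
 * @throws RuntimeException if a directoryName cannot be encoded; the
 *         underlying IOException is attached as the cause.
 */
private Object[] getNames(GeneralName[] names) {
    List<Object> principals = new ArrayList<Object>(names.length);

    for (int i = 0; i != names.length; i++) {
        if (names[i].getTagNo() == GeneralName.directoryName) {
            try {
                principals.add(new X500Principal(
                    ((ASN1Encodable)names[i].getName()).toASN1Primitive().getEncoded()));
            } catch (IOException e) {
                // Keep the cause so the encoding failure can be diagnosed.
                throw new RuntimeException("badly formed Name object", e);
            }
        }
    }

    return principals.toArray(new Object[principals.size()]);
}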
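/**
 * Add a given extension field for the standard extensions tag (tag 3),
 * copying the extension value from another certificate.
 *
 * @param oid the OID of the extension, in dotted string form.
 * @param critical true if the extension is to be marked critical.
 * @param cert the certificate the extension value is copied from.
 * @throws CertificateParsingException if the extension is not present in
 *         {@code cert} or cannot be extracted; in the latter case the
 *         underlying IOException is attached as the cause.
 */
public void copyAndAddExtension(String oid, boolean critical, X509Certificate cert)
        throws CertificateParsingException {
    byte[] extValue = cert.getExtensionValue(oid);

    if (extValue == null) {
        throw new CertificateParsingException("extension " + oid + " not present");
    }

    try {
        ASN1Encodable value = X509ExtensionUtil.fromExtensionValue(extValue);

        this.addExtension(oid, critical, value);
    } catch (IOException e) {
        // Same message as before, but with the cause preserved.
        throw new CertificateParsingException(e.toString(), e);
    }
}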
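/**
 * Generates a 2048-bit RSA key pair and a server certificate for it, signed
 * with the given CA key.
 *
 * <p>The certificate uses fixed names (issuer {@code CN=bouncrca}, subject
 * {@code CN=bouncr}), the fixed serial number 2, the validity window
 * {@code NOT_BEFORE}..{@code NOT_AFTER}, and a non-critical subjectAltName
 * covering {@code localhost} and the loopback address.
 *
 * @param caKeyPair the CA key pair; its private key signs the certificate.
 * @return the signed certificate together with the generated private key.
 * @throws NoSuchAlgorithmException if RSA or the {@code NativePRNGNonBlocking}
 *         SecureRandom is not available from the installed providers.
 * @throws CertificateException as declared; presumably raised while signing.
 * @throws OperatorCreationException as declared; presumably raised while
 *         signing.
 * @throws CertIOException if the subjectAltName extension cannot be added.
 */
public static X500PrivateCredential generateServerCertificate(KeyPair caKeyPair)
        throws NoSuchAlgorithmException, CertificateException, OperatorCreationException,
        CertIOException {
    X500Name issuerName = new X500Name("CN=bouncrca");
    X500Name subjectName = new X500Name("CN=bouncr");
    // NOTE(review): the serial number is a constant, so every certificate
    // produced here has the same issuer/serial pair. Confirm this generator
    // is only used where certificates need not be distinguishable.
    BigInteger serial = BigInteger.valueOf(2);

    long t1 = System.currentTimeMillis();
    KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA");
    rsa.initialize(2048, SecureRandom.getInstance("NativePRNGNonBlocking"));
    KeyPair kp = rsa.generateKeyPair();
    // Prints the key generation time in milliseconds.
    System.out.println(System.currentTimeMillis() - t1);

    X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
        issuerName, serial, NOT_BEFORE, NOT_AFTER, subjectName, kp.getPublic());

    // An IP literal belongs in an iPAddress entry: verifiers that follow
    // RFC 5280 / RFC 6125 do not match IP addresses against dNSName entries.
    // The dNSName form of 127.0.0.1 is kept for clients that relied on it.
    DERSequence subjectAlternativeNames = new DERSequence(new ASN1Encodable[] {
        new GeneralName(GeneralName.dNSName, "localhost"),
        new GeneralName(GeneralName.dNSName, "127.0.0.1"),
        new GeneralName(GeneralName.iPAddress, "127.0.0.1")
    });
    builder.addExtension(Extension.subjectAlternativeName, false, subjectAlternativeNames);

    X509Certificate cert = signCertificate(builder, caKeyPair.getPrivate());

    return new X500PrivateCredential(cert, kp.getPrivate());
}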
/**
 * Builds an AlgorithmIdentifier from an OID and optional JCA parameters.
 *
 * @param encryptionOID the algorithm OID.
 * @param params the algorithm parameters, or {@code null} to use DER NULL.
 * @return the resulting algorithm identifier.
 * @throws CRMFException if the ASN.1 encoding of {@code params} cannot be
 *         obtained or parsed.
 */
AlgorithmIdentifier getAlgorithmIdentifier(ASN1ObjectIdentifier encryptionOID, AlgorithmParameters params)
        throws CRMFException {
    final ASN1Encodable encodedParams;

    if (params == null) {
        encodedParams = DERNull.INSTANCE;
    } else {
        try {
            byte[] asn1Bytes = params.getEncoded("ASN.1");
            encodedParams = ASN1Primitive.fromByteArray(asn1Bytes);
        } catch (IOException e) {
            throw new CRMFException("cannot encode parameters: " + e.getMessage(), e);
        }
    }

    return new AlgorithmIdentifier(encryptionOID, encodedParams);
}
/**
 * Copies every revoked-certificate entry of an existing CRL into this
 * builder.
 *
 * @param other the X509CRLHolder to source the entries from.
 * @return the current builder.
 */
public X509v2CRLBuilder addCRL(X509CRLHolder other) {
    TBSCertList revocations = other.toASN1Structure().getTBSCertList();
    if (revocations == null) {
        return this;
    }

    Enumeration entries = revocations.getRevokedCertificateEnumeration();
    while (entries.hasMoreElements()) {
        ASN1Encodable entry = (ASN1Encodable)entries.nextElement();
        tbsGen.addCRLEntry(ASN1Sequence.getInstance(entry.toASN1Primitive()));
    }

    return this;
}
/**
 * Builds the object from its ASN.1 sequence: element 0 is the private key
 * info and the optional element 1 is the identifier.
 *
 * @param seq the sequence to decode.
 */
private EncKeyWithID(ASN1Sequence seq) {
    this.privKeyInfo = PrivateKeyInfo.getInstance(seq.getObjectAt(0));

    if (seq.size() <= 1) {
        // No identifier present.
        this.identifier = null;
    } else if (seq.getObjectAt(1) instanceof DERUTF8String) {
        // A UTF8String identifier is stored as it is.
        this.identifier = (ASN1Encodable)seq.getObjectAt(1);
    } else {
        // Anything else is decoded as a GeneralName.
        this.identifier = GeneralName.getInstance(seq.getObjectAt(1));
    }
}
/**
 * Adds an extension to the certificate being built (standard extensions
 * tag, tag 3).
 *
 * @param oid the OID defining the extension type.
 * @param isCritical true if the extension is critical, false otherwise.
 * @param value the ASN.1 structure that forms the extension's value.
 * @return this builder object.
 * @throws CertIOException propagated from {@code CertUtils.addExtension}.
 */
public X509v3CertificateBuilder addExtension(
        final ASN1ObjectIdentifier oid,
        final boolean isCritical,
        final ASN1Encodable value) throws CertIOException {
    // Delegate to the shared helper, then hand back the builder for chaining.
    CertUtils.addExtension(extGenerator, oid, isCritical, value);
    return this;
}
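/**
 * Extracts the requested extensions from a CSR's PKCS#9 extensionRequest
 * attribute.
 *
 * <p>Only the first value of each extensionRequest attribute is examined.
 *
 * @param csr the certification request to inspect.
 * @return the extensions from the first usable attribute, or {@code null}
 *         if the CSR carries none.
 */
public static Extensions getExtensionsFromCSR(JcaPKCS10CertificationRequest csr) {
    Attribute[] attributes = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    for (Attribute attribute : attributes) {
        ASN1Set attValue = attribute.getAttrValues();
        // A CSR is requester-supplied: an attribute with an empty value set
        // is skipped here instead of failing on getObjectAt(0).
        if (attValue == null || attValue.size() == 0) {
            continue;
        }

        ASN1Encodable extension = attValue.getObjectAt(0);
        if (extension instanceof Extensions) {
            return (Extensions) extension;
        } else if (extension instanceof DERSequence) {
            return Extensions.getInstance(extension);
        }
    }
    return null;
}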
/**
 * Verifies this certificate's signature using the supplied public key and
 * Signature object.
 *
 * @param key the public key to verify against.
 * @param signature the Signature instance used for the verification.
 * @throws CertificateException if the signature algorithm of the outer
 *         certificate differs from the one inside the TBS certificate.
 * @throws SignatureException if the signature does not verify with
 *         {@code key}.
 * @throws NoSuchAlgorithmException as declared.
 * @throws InvalidKeyException as declared.
 */
private void checkSignature(
    PublicKey key,
    Signature signature)
    throws CertificateException, NoSuchAlgorithmException,
        SignatureException, InvalidKeyException
{
    // The algorithm identifier appears both outside and inside the signed
    // (TBS) part; refuse to verify when the two disagree, so the unsigned
    // outer field cannot select a different algorithm than the signed one.
    if (!isAlgIdEqual(c.getSignatureAlgorithm(), c.getTBSCertificate().getSignature()))
    {
        throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
    }

    ASN1Encodable params = c.getSignatureAlgorithm().getParameters();

    // TODO This should go after the initVerify?
    X509SignatureUtil.setSignatureParameters(signature, params);

    signature.initVerify(key);

    // The signature is checked over the value returned by getTBSCertificate().
    signature.update(this.getTBSCertificate());

    if (!signature.verify(this.getSignature()))
    {
        throw new SignatureException("certificate does not verify with supplied key");
    }
}
/**
 * Wraps the certificates of an ASN.1 set in a Store.
 *
 * <p>Only set members whose primitive form is an ASN1Sequence are converted;
 * all other members are silently left out.
 *
 * @param certSet the set of certificate structures, may be {@code null}.
 * @return a Store of X509CertificateHolder objects, empty when
 *         {@code certSet} is {@code null}.
 */
Store getCertificates(ASN1Set certSet) {
    if (certSet == null) {
        return new CollectionStore(new ArrayList());
    }

    List holders = new ArrayList(certSet.size());
    Enumeration members = certSet.getObjects();
    while (members.hasMoreElements()) {
        ASN1Primitive primitive = ((ASN1Encodable)members.nextElement()).toASN1Primitive();
        if (!(primitive instanceof ASN1Sequence)) {
            continue;
        }
        holders.add(new X509CertificateHolder(Certificate.getInstance(primitive)));
    }

    return new CollectionStore(holders);
}
/**
 * Returns a parser for the authenticated attributes if the next object in
 * the sequence is a tagged object.
 *
 * @return a set parser over the attributes, or {@code null} when the next
 *         object is absent or not tagged; in that case it is left in place
 *         for the next read.
 * @throws IOException if the next object cannot be read.
 */
public ASN1SetParser getAuthAttrs() throws IOException {
    if (nextObject == null) {
        nextObject = seq.readObject();
    }

    if (!(nextObject instanceof ASN1TaggedObjectParser)) {
        // TODO
        // "The authAttrs MUST be present if the content type carried in
        // EncryptedContentInfo is not id-data."
        return null;
    }

    ASN1Encodable tagged = nextObject;
    nextObject = null;
    return (ASN1SetParser)((ASN1TaggedObjectParser)tagged).getObjectParser(BERTags.SET, false);
}
/**
 * Finds the first tagged element of {@code seq} with the given tag number
 * and returns the object it wraps.
 *
 * @param tagNo the tag number to look for.
 * @return the wrapped object in primitive form, or {@code null} if no
 *         element carries that tag.
 */
private ASN1Primitive getObjectInTag(int tagNo) {
    for (Enumeration elements = seq.getObjects(); elements.hasMoreElements();) {
        ASN1Encodable element = (ASN1Encodable)elements.nextElement();

        if (!(element instanceof ASN1TaggedObject)) {
            continue;
        }

        ASN1TaggedObject tagged = (ASN1TaggedObject)element;
        if (tagged.getTagNo() != tagNo) {
            continue;
        }

        return (ASN1Primitive)((ASN1Encodable)tagged.getObject()).toASN1Primitive();
    }

    return null;
}
/**
 * Return the certificates stored in the underlying OriginatorInfo object.
 *
 * <p>Only set members whose primitive form is an ASN1Sequence are converted;
 * all other members are silently left out.
 *
 * @return a Store of X509CertificateHolder objects, empty when the
 *         OriginatorInfo holds no certificate set.
 */
public Store getCertificates() {
    ASN1Set certSet = originatorInfo.getCertificates();
    if (certSet == null) {
        return new CollectionStore(new ArrayList());
    }

    List holders = new ArrayList(certSet.size());
    Enumeration members = certSet.getObjects();
    while (members.hasMoreElements()) {
        ASN1Primitive primitive = ((ASN1Encodable)members.nextElement()).toASN1Primitive();
        if (!(primitive instanceof ASN1Sequence)) {
            continue;
        }
        holders.add(new X509CertificateHolder(Certificate.getInstance(primitive)));
    }

    return new CollectionStore(holders);
}
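/**
 * Dump out the object as a string.
 *
 * @param obj the object to be dumped; may be {@code null}.
 * @param verbose if true, dump out the contents of octet and bit strings.
 * @return the resulting string, or an "unknown object type" message when
 *         {@code obj} is neither an ASN1Primitive nor an ASN1Encodable.
 */
public static String dumpAsString(Object obj, boolean verbose) {
    StringBuffer buf = new StringBuffer();

    if (obj instanceof ASN1Primitive) {
        _dumpAsString("", verbose, (ASN1Primitive)obj, buf);
    } else if (obj instanceof ASN1Encodable) {
        _dumpAsString("", verbose, ((ASN1Encodable)obj).toASN1Primitive(), buf);
    } else {
        // String concatenation renders null as "null", so a null argument
        // gets the same message as any other unsupported object instead of
        // a NullPointerException from obj.toString().
        return "unknown object type " + obj;
    }

    return buf.toString();
}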
/**
 * Wraps the CRLs of an ASN.1 set in a Store.
 *
 * <p>Only set members whose primitive form is an ASN1Sequence are converted;
 * all other members are silently left out.
 *
 * @param crlSet the set of CRL structures, may be {@code null}.
 * @return a Store of X509CRLHolder objects, empty when {@code crlSet} is
 *         {@code null}.
 */
Store getCRLs(ASN1Set crlSet) {
    if (crlSet == null) {
        return new CollectionStore(new ArrayList());
    }

    List holders = new ArrayList(crlSet.size());
    Enumeration members = crlSet.getObjects();
    while (members.hasMoreElements()) {
        ASN1Primitive primitive = ((ASN1Encodable)members.nextElement()).toASN1Primitive();
        if (!(primitive instanceof ASN1Sequence)) {
            continue;
        }
        holders.add(new X509CRLHolder(CertificateList.getInstance(primitive)));
    }

    return new CollectionStore(holders);
}
/**
 * Gets the role authority as a <code>String[]</code> object.
 *
 * <p>Names whose value is an ASN1String are rendered with
 * <code>getString()</code>, all others with <code>toString()</code>.
 *
 * @return the role authority of this RoleSyntax represented as a
 *         <code>String[]</code> array; empty when no role authority is set.
 */
public String[] getRoleAuthorityAsString() {
    if (roleAuthority == null) {
        return new String[0];
    }

    GeneralName[] names = roleAuthority.getNames();
    String[] rendered = new String[names.length];

    int idx = 0;
    for (GeneralName name : names) {
        ASN1Encodable value = name.getName();
        rendered[idx++] = (value instanceof ASN1String)
            ? ((ASN1String)value).getString()
            : value.toString();
    }

    return rendered;
}
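/**
 * Returns a parser for the unauthenticated attributes, taking the next
 * object from the underlying sequence parser if one has not been read
 * already.
 *
 * @return a set parser over the attributes, or {@code null} when the
 *         sequence has no further object.
 * @throws IOException if the next object cannot be read, or if it is not a
 *         tagged object.
 */
public ASN1SetParser getUnauthAttrs() throws IOException {
    if (nextObject == null) {
        nextObject = seq.readObject();
    }

    if (nextObject == null) {
        return null;
    }

    ASN1Encodable o = nextObject;
    nextObject = null;

    // The object comes from parsed input, so its type is not guaranteed.
    // Report a malformed structure through the declared IOException rather
    // than letting an unchecked ClassCastException escape to the caller.
    if (!(o instanceof ASN1TaggedObjectParser)) {
        throw new IOException(
            "unauthenticated attributes: expected tagged object, found " + o.getClass().getName());
    }

    return (ASN1SetParser)((ASN1TaggedObjectParser)o).getObjectParser(BERTags.SET, false);
}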
/**
 * Add a given extension field.
 *
 * @param oid the OID defining the extension type.
 * @param isCritical true if the extension is critical, false otherwise.
 * @param value the ASN.1 structure that forms the extension's value.
 * @throws DVCSException if there is an issue encoding the extension for adding.
 */
public void addExtension(
        final ASN1ObjectIdentifier oid,
        final boolean isCritical,
        final ASN1Encodable value) throws DVCSException {
    try {
        extGenerator.addExtension(oid, isCritical, value);
    } catch (IOException encodingFailure) {
        // Translate the I/O failure into the DVCS exception type, keeping the cause.
        throw new DVCSException(
            "cannot encode extension: " + encodingFailure.getMessage(), encodingFailure);
    }
}
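/**
 * Decodes a new-key control from its ASN.1 sequence.
 *
 * <p>Only tagged elements are interpreted; tag 0 carries the boolean
 * "extractable" setting, which is applied to the P11NewKeyControl.
 *
 * @param seq the sequence to decode.
 * @throws BadAsn1ObjectException as declared.
 */
private Asn1NewKeyControl(ASN1Sequence seq) throws BadAsn1ObjectException {
    control = new P11NewKeyControl();
    final int size = seq.size();
    for (int i = 0; i < size; i++) {
        ASN1Encodable obj = seq.getObjectAt(i);
        // Skip elements that are NOT tagged. With the test the other way
        // round, every tagged element was skipped (so the extractable flag
        // was never applied) and any untagged element hit the cast below.
        if (!(obj instanceof ASN1TaggedObject)) {
            continue;
        }

        ASN1TaggedObject tagObj = (ASN1TaggedObject) obj;
        int tagNo = tagObj.getTagNo();
        if (tagNo == 0) {
            // NOTE(review): the content of tag 0 is cast without a type check;
            // a non-boolean value would surface as a ClassCastException.
            boolean bv = ((ASN1Boolean) tagObj.getObject()).isTrue();
            control.setExtractable(bv);
        }
    }
}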
/**
 * Builds the object from a sequence of key purpose identifiers, recording
 * each element in the usage table.
 *
 * @param seq the sequence to decode.
 * @throws IllegalArgumentException if an element's primitive form is not an
 *         ASN1ObjectIdentifier.
 */
private ExtendedKeyUsage(ASN1Sequence seq) {
    this.seq = seq;

    for (Enumeration elements = seq.getObjects(); elements.hasMoreElements();) {
        ASN1Encodable purpose = (ASN1Encodable)elements.nextElement();

        boolean isOid = purpose.toASN1Primitive() instanceof ASN1ObjectIdentifier;
        if (!isOid) {
            throw new IllegalArgumentException("Only ASN1ObjectIdentifiers allowed in ExtendedKeyUsage.");
        }

        this.usageTable.put(purpose, purpose);
    }
}
/**
 * Returns the octets of an object that is expected to be an octet string.
 *
 * @param object the ASN.1 object to read.
 * @return the octets of the octet string.
 * @throws BadAsn1ObjectException if {@code DEROctetString.getInstance}
 *         rejects the object with an IllegalArgumentException.
 */
public static byte[] getOctetStringBytes(ASN1Encodable object) throws BadAsn1ObjectException {
    final byte[] octets;
    try {
        octets = DEROctetString.getInstance(object).getOctets();
    } catch (IllegalArgumentException ex) {
        throw new BadAsn1ObjectException("invalid object OctetString: " + ex.getMessage(), ex);
    }
    return octets;
}
/**
 * Returns the attributes of the attribute certificate.
 *
 * @return one X509Attribute per element of the certificate's attribute
 *         sequence, in sequence order.
 */
public X509Attribute[] getAttributes() {
    ASN1Sequence attributeSeq = cert.getAcinfo().getAttributes();
    final int count = attributeSeq.size();
    X509Attribute[] result = new X509Attribute[count];

    int index = 0;
    while (index != count) {
        result[index] = new X509Attribute((ASN1Encodable)attributeSeq.getObjectAt(index));
        index++;
    }

    return result;
}
/**
 * Returns the identifier in its decoded form.
 *
 * @return an ASN1OctetString (read with implicit tagging) when the stored
 *         id is a tagged object, otherwise an IssuerAndSerialNumber.
 */
public ASN1Encodable getId() {
    if (!(id instanceof ASN1TaggedObject)) {
        return IssuerAndSerialNumber.getInstance(id);
    }

    ASN1TaggedObject tagged = (ASN1TaggedObject)id;
    return ASN1OctetString.getInstance(tagged, false);
}
/**
 * Add a given extension field for the standard extensions tag (tag 3).
 *
 * @param oid the OID of the extension, in dotted string form.
 * @param critical true if the extension is to be marked critical.
 * @param value the ASN.1 structure that forms the extension's value.
 */
public void addExtension(String oid, boolean critical, ASN1Encodable value) {
    // Convert the string form and delegate to the OID-based overload.
    DERObjectIdentifier extensionOid = new DERObjectIdentifier(oid);
    this.addExtension(extensionOid, critical, value);
}
/**
 * Appends {@code obj} to the vector, explicitly tagged with {@code tagNo},
 * when it is present.
 *
 * @param v the vector being assembled.
 * @param tagNo the tag number to apply.
 * @param obj the optional value; nothing is added when it is {@code null}.
 */
private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj) {
    if (obj == null) {
        return;
    }

    // true selects explicit tagging.
    DERTaggedObject tagged = new DERTaggedObject(true, tagNo, obj);
    v.add(tagged);
}
/**
 * Adds an extension to the generator, converting an encoding failure into a
 * CertIOException.
 *
 * @param extGenerator the generator receiving the extension.
 * @param oid the OID defining the extension type.
 * @param isCritical true if the extension is critical, false otherwise.
 * @param value the ASN.1 structure that forms the extension's value.
 * @throws CertIOException if the generator reports an IOException; the
 *         original exception is attached as the cause.
 */
static void addExtension(
        ExtensionsGenerator extGenerator,
        ASN1ObjectIdentifier oid,
        boolean isCritical,
        ASN1Encodable value) throws CertIOException {
    try {
        extGenerator.addExtension(oid, isCritical, value);
    } catch (IOException encodingFailure) {
        throw new CertIOException(
            "cannot encode extension: " + encodingFailure.getMessage(), encodingFailure);
    }
}
/**
 * Returns the value of an object that is expected to be an ASN.1 INTEGER.
 *
 * @param object the ASN.1 object to read.
 * @return the integer value.
 * @throws BadAsn1ObjectException if {@code ASN1Integer.getInstance} rejects
 *         the object with an IllegalArgumentException.
 */
public static BigInteger getInteger(ASN1Encodable object) throws BadAsn1ObjectException {
    final BigInteger value;
    try {
        value = ASN1Integer.getInstance(object).getValue();
    } catch (IllegalArgumentException ex) {
        throw new BadAsn1ObjectException("invalid object ASN1Integer: " + ex.getMessage(), ex);
    }
    return value;
}
/**
 * Writes the DER encoding of {@code obj} to {@code stream}.
 *
 * @param obj the object to encode.
 * @param stream the stream to write to.
 * @throws CRMFRuntimeException if writing or closing fails; the IOException
 *         is attached as the cause.
 */
static void derEncodeToStream(ASN1Encodable obj, OutputStream stream) {
    final DEROutputStream derOut = new DEROutputStream(stream);

    try {
        derOut.writeObject(obj);
        // close() is only reached when the write succeeded.
        derOut.close();
    } catch (IOException failure) {
        throw new CRMFRuntimeException(
            "unable to DER encode object: " + failure.getMessage(), failure);
    }
}
/**
 * Creates an OtherKeyAttribute from its two components. The arguments are
 * stored as given, without validation.
 *
 * @param keyAttrId the OID identifying the key attribute.
 * @param keyAttr the attribute value.
 */
public OtherKeyAttribute(
        final ASN1ObjectIdentifier keyAttrId,
        final ASN1Encodable keyAttr) {
    this.keyAttr = keyAttr;
    this.keyAttrId = keyAttrId;
}
/**
 * Creates a ContentInfo from its two components. The arguments are stored
 * as given, without validation.
 *
 * @param contentType the OID identifying the type of the content.
 * @param content the content itself.
 */
public ContentInfo(
        final ASN1ObjectIdentifier contentType,
        final ASN1Encodable content) {
    this.content = content;
    this.contentType = contentType;
}
/**
 * Adds an extension to the attribute certificate being built.
 *
 * @param oid the OID defining the extension type.
 * @param isCritical true if the extension is critical, false otherwise.
 * @param value the ASN.1 structure that forms the extension's value.
 * @return this builder object.
 * @throws CertIOException propagated from {@code CertUtils.addExtension}.
 */
public X509v2AttributeCertificateBuilder addExtension(
        final ASN1ObjectIdentifier oid,
        final boolean isCritical,
        final ASN1Encodable value) throws CertIOException {
    // Delegate to the shared helper, then hand back the builder for chaining.
    CertUtils.addExtension(extGenerator, oid, isCritical, value);
    return this;
}
/**
 * Appends {@code obj} to the vector when it is present.
 *
 * @param v the vector being assembled.
 * @param obj the optional value; nothing is added when it is {@code null}.
 */
private void addOptional(ASN1EncodableVector v, ASN1Encodable obj) {
    if (obj == null) {
        return;
    }

    v.add(obj);
}
/**
 * Encodes a private key as a PrivateKeyInfo structure.
 *
 * @param algId the algorithm identifier of the key.
 * @param privKey the ASN.1 representation of the private key.
 * @return the encoding produced by the PrivateKeyInfo overload, or
 *         {@code null} if anything goes wrong. Callers must check for
 *         {@code null}: the failure itself is not reported.
 */
public static byte[] getEncodedPrivateKeyInfo(AlgorithmIdentifier algId, ASN1Encodable privKey) {
    try {
        return getEncodedPrivateKeyInfo(new PrivateKeyInfo(algId, privKey.toASN1Primitive()));
    } catch (Exception e) {
        // Every exception, including runtime ones, is mapped to a null result.
        return null;
    }
}
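/**
 * Returns the DER encoding of an ASN.1 object.
 *
 * @param obj the object to encode.
 * @return the DER encoded bytes.
 * @throws CertificateEncodingException if encoding fails; the underlying
 *         IOException is attached as the cause.
 */
private byte[] toDEREncoded(ASN1Encodable obj) throws CertificateEncodingException {
    try {
        return obj.toASN1Primitive().getEncoded(ASN1Encoding.DER);
    } catch (IOException e) {
        // Same message as before, but with the cause preserved.
        throw new CertificateEncodingException("Exception thrown: " + e, e);
    }
}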
/**
 * Appends {@code obj} to the vector, implicitly tagged with {@code tagNo},
 * when it is present.
 *
 * @param v the vector being assembled.
 * @param tagNo the tag number to apply.
 * @param obj the optional value; nothing is added when it is {@code null}.
 */
private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj) {
    if (obj == null) {
        return;
    }

    // false selects implicit tagging.
    DERTaggedObject tagged = new DERTaggedObject(false, tagNo, obj);
    v.add(tagged);
}
/**
 * Creates an OtherRecipientInfo from its two components. The arguments are
 * stored as given, without validation.
 *
 * @param oriType the OID identifying the recipient info type.
 * @param oriValue the recipient info value.
 */
public OtherRecipientInfo(
        final ASN1ObjectIdentifier oriType,
        final ASN1Encodable oriValue) {
    this.oriValue = oriValue;
    this.oriType = oriType;
}