private ByteString pkcs1Bytes() { try { PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(keyPair.getPrivate().getEncoded()); return ByteString.of(privateKeyInfo.parsePrivateKey().toASN1Primitive().getEncoded()); } catch (IOException e) { throw new AssertionError(e); } }
int encodedLength() throws IOException { int length = 0; for (Enumeration e = getObjects(); e.hasMoreElements();) { length += ((ASN1Encodable)e.nextElement()).toASN1Primitive().encodedLength(); } return 2 + length + 2; }
private ExtendedKeyUsage( ASN1Sequence seq) { this.seq = seq; Enumeration e = seq.getObjects(); while (e.hasMoreElements()) { ASN1Encodable o = (ASN1Encodable)e.nextElement(); if (!(o.toASN1Primitive() instanceof ASN1ObjectIdentifier)) { throw new IllegalArgumentException("Only ASN1ObjectIdentifiers allowed in ExtendedKeyUsage."); } this.usageTable.put(o, o); } }
private void extractExtensions(ASN1Sequence seq, CRLInfo infos) throws IOException { @SuppressWarnings("rawtypes") Enumeration enumSeq = seq.getObjects(); while (enumSeq.hasMoreElements()) { ASN1Sequence extension = null; try { extension = (ASN1Sequence) enumSeq.nextElement(); int seqSize = extension.size(); if (seqSize == 2) { ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) extension.getObjectAt(0); byte[] content = extension.getObjectAt(1).toASN1Primitive().getEncoded(); infos.addNonCriticalExtension(oid.getId(), content); } else if (seqSize == 3) { ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) extension.getObjectAt(0); ASN1Boolean isCritical = (ASN1Boolean) extension.getObjectAt(1); byte[] content = extension.getObjectAt(2).toASN1Primitive().getEncoded(); if (isCritical.isTrue()) { infos.addCriticalExtension(oid.getId(), content); } else { infos.addNonCriticalExtension(oid.getId(), content); } } else { LOG.warn("Not supported format : {}", extension); } } catch (Exception e) { LOG.warn("Cannot parse extension {} : {}", extension, e.getMessage()); } } }
private DHDomainParameters(ASN1Sequence seq) { if (seq.size() < 3 || seq.size() > 5) { throw new IllegalArgumentException("Bad sequence size: " + seq.size()); } Enumeration e = seq.getObjects(); this.p = ASN1Integer.getInstance(e.nextElement()); this.g = ASN1Integer.getInstance(e.nextElement()); this.q = ASN1Integer.getInstance(e.nextElement()); ASN1Encodable next = getNext(e); if (next != null && next instanceof ASN1Integer) { this.j = ASN1Integer.getInstance(next); next = getNext(e); } if (next != null) { this.validationParms = DHValidationParms.getInstance(next.toASN1Primitive()); } }
private PBES2Parameters( ASN1Sequence obj) { Enumeration e = obj.getObjects(); ASN1Sequence funcSeq = ASN1Sequence.getInstance(((ASN1Encodable)e.nextElement()).toASN1Primitive()); if (funcSeq.getObjectAt(0).equals(id_PBKDF2)) { func = new KeyDerivationFunc(id_PBKDF2, PBKDF2Params.getInstance(funcSeq.getObjectAt(1))); } else { func = KeyDerivationFunc.getInstance(funcSeq); } scheme = EncryptionScheme.getInstance(e.nextElement()); }
boolean asn1Equals( ASN1Primitive o) { if (!(o instanceof ASN1Sequence)) { return false; } ASN1Sequence other = (ASN1Sequence)o; if (this.size() != other.size()) { return false; } Enumeration s1 = this.getObjects(); Enumeration s2 = other.getObjects(); while (s1.hasMoreElements()) { ASN1Encodable obj1 = getNext(s1); ASN1Encodable obj2 = getNext(s2); ASN1Primitive o1 = obj1.toASN1Primitive(); ASN1Primitive o2 = obj2.toASN1Primitive(); if (o1 == o2 || o1.equals(o2)) { continue; } return false; } return true; }
boolean asn1Equals( ASN1Primitive o) { if (!(o instanceof ASN1Set)) { return false; } ASN1Set other = (ASN1Set)o; if (this.size() != other.size()) { return false; } Enumeration s1 = this.getObjects(); Enumeration s2 = other.getObjects(); while (s1.hasMoreElements()) { ASN1Encodable obj1 = getNext(s1); ASN1Encodable obj2 = getNext(s2); ASN1Primitive o1 = obj1.toASN1Primitive(); ASN1Primitive o2 = obj2.toASN1Primitive(); if (o1 == o2 || o1.equals(o2)) { continue; } return false; } return true; }
/** * Extract the Unsigned Attribute Archive Timestamp Attribute Hash Index from a timestampToken * * @param timestampToken * @return */ private ASN1Sequence getUnsignedAttributesHashIndex(TimestampToken timestampToken) { final ASN1Sequence timestampAttributeAtsHashIndexValue = getAtsHashIndex(timestampToken); int unsignedAttributesIndex = 2; if (timestampAttributeAtsHashIndexValue.size() > 3) { unsignedAttributesIndex++; } return (ASN1Sequence) timestampAttributeAtsHashIndexValue.getObjectAt(unsignedAttributesIndex).toASN1Primitive(); }
private OtherRevRefs(ASN1Sequence seq) { if (seq.size() != 2) { throw new IllegalArgumentException("Bad sequence size: " + seq.size()); } this.otherRevRefType = new ASN1ObjectIdentifier(((ASN1ObjectIdentifier)seq.getObjectAt(0)).getId()); try { this.otherRevRefs = ASN1Primitive.fromByteArray(seq.getObjectAt(1) .toASN1Primitive().getEncoded(ASN1Encoding.DER)); } catch (IOException e) { throw new IllegalStateException(); } }
/** * Helper method that tries to construct the CRLs. */ private void findCRL(ASN1Sequence seq) { try { crls = new ArrayList<>(); for (int k = 0; k < seq.size(); ++k) { ByteArrayInputStream ar = new ByteArrayInputStream(seq.getObjectAt(k).toASN1Primitive().getEncoded(ASN1Encoding.DER)); X509CRL crl = (X509CRL) SignUtils.parseCrlFromStream(ar); crls.add(crl); } } catch (Exception ex) { // ignore } }
private void verifySig(ASN1Encodable store, SignatureCheck integrityCheck, PublicKey key) throws GeneralSecurityException, IOException { Signature sig = helper.createSignature(integrityCheck.getSignatureAlgorithm().getAlgorithm().getId()); sig.initVerify(key); sig.update(store.toASN1Primitive().getEncoded(ASN1Encoding.DER)); if (!sig.verify(integrityCheck.getSignature().getOctets())) { throw new IOException("BCFKS KeyStore corrupted: signature calculation failed"); } }
private PolicyMapping(ASN1Sequence seq) { // java object in sequence is actually not ASN1ObjectIdentifier but CertPolicyId, // so we do a conversion in order to avoid possible class cast exception here this.issuerDomainPolicy = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0).toASN1Primitive()); this.subjectDomainPolicy = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(1).toASN1Primitive()); }
@Override public void parse(ASN1Primitive derObject) { ASN1Sequence derSequence = ASN1Object.getDERSequence(derObject); this.endCertRevReq = new RevReq(); this.endCertRevReq.parse(derSequence.getObjectAt(0).toASN1Primitive()); this.caCerts = new RevReq(); this.caCerts.parse(derSequence.getObjectAt(1).toASN1Primitive()); }
/** * Parse UPN/otherName * * @param generalName otherName object * @return UPN as string */ public static String parseUPN(GeneralName generalName) { // OtherName ::= SEQUENCE { // type-id OBJECT IDENTIFIER, // value [0] EXPLICIT ANY DEFINED BY type-id } ASN1Sequence otherName = (ASN1Sequence) generalName.getName(); ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) otherName.getObjectAt(0); if (UPN_OID.equals(oid.getId())) { DERTaggedObject derTaggedObject = (DERTaggedObject) otherName.getObjectAt(1); DERUTF8String upn = DERUTF8String.getInstance(derTaggedObject.getObject()); return MessageFormat.format(res.getString("GeneralNameUtil.OtherGeneralName"), "UPN", upn.getString()); } // fallback to generic handling ASN1Encodable value = otherName.getObjectAt(1); try { return MessageFormat.format(res.getString("GeneralNameUtil.OtherGeneralName"), ObjectIdUtil.toString(oid), HexUtil.getHexString(value.toASN1Primitive().getEncoded(ASN1Encoding.DER))); } catch (IOException e) { return MessageFormat.format(res.getString("GeneralNameUtil.OtherGeneralName"), ObjectIdUtil.toString(oid), ""); } }
static X509Principal getIssuerX509Name(ASN1Sequence issuerAndSerialNumber) throws IOException { return new X509Principal(issuerAndSerialNumber.getObjectAt(0).toASN1Primitive().getEncoded()); }
private List<TimestampToken> createTimestamps(final ASN1ObjectIdentifier attrType, final TimestampType timestampType, final ArchiveTimestampType archiveTimestampType) { final List<TimestampToken> timestampTokenList = new ArrayList<TimestampToken>(); final AttributeTable attributes = attrType.equals(id_aa_ets_contentTimestamp) ? signerInformation.getSignedAttributes() : signerInformation.getUnsignedAttributes(); if (attributes != null) { final ASN1EncodableVector allAttributes = attributes.getAll(attrType); for (int ii = 0; ii < allAttributes.size(); ii++) { final Attribute attribute = (Attribute) allAttributes.get(ii); final ASN1Set attrValues = attribute.getAttrValues(); for (final ASN1Encodable value : attrValues.toArray()) { try { final byte[] encoded = value.toASN1Primitive().getEncoded(); // getEncoded(ASN1Encoding.DER) final CMSSignedData signedData = new CMSSignedData(encoded); final TimeStampToken token = new TimeStampToken(signedData); final TimestampToken timestampToken = new TimestampToken(token, timestampType, certPool); timestampToken.setArchiveTimestampType(archiveTimestampType); timestampTokenList.add(timestampToken); } catch (Exception e) { throw new DSSException(e); } } } } return timestampTokenList; }
private String doCollection(ASN1Encodable[] asn1Encodables) throws IOException { switch (asn1Encodables.length) { case 1: // one row, one column return "<table><tr><td colspan='2'>" + doPrimitive(asn1Encodables[0].toASN1Primitive()) + "</td></tr></table>"; case 2: // one row, two columns return "<table><tr><td>" + doPrimitive(asn1Encodables[0].toASN1Primitive()) + "</td>" + "<td>" + doPrimitive(asn1Encodables[1].toASN1Primitive()) + "</td></tr></table>"; default: // a row per per item final StringBuilder sb = new StringBuilder(); for (ASN1Encodable asn1Encodable : asn1Encodables) { sb.append("<table><tr><td colspan='2'>").append(doPrimitive(asn1Encodable.toASN1Primitive())).append("</td></tr></table>"); } return sb.toString(); } }
/** * Remove any archive-timestamp-v2/3 attribute added after the timestampToken */ private ASN1Sequence filterUnauthenticatedAttributes(ASN1Set unauthenticatedAttributes, TimestampToken timestampToken) { ASN1EncodableVector result = new ASN1EncodableVector(); for (int ii = 0; ii < unauthenticatedAttributes.size(); ii++) { final Attribute attribute = Attribute.getInstance(unauthenticatedAttributes.getObjectAt(ii)); final ASN1ObjectIdentifier attrType = attribute.getAttrType(); if (id_aa_ets_archiveTimestampV2.equals(attrType) || id_aa_ets_archiveTimestampV3.equals(attrType)) { try { TimeStampToken token = new TimeStampToken(new CMSSignedData(DSSASN1Utils.getDEREncoded(attribute.getAttrValues().getObjectAt(0).toASN1Primitive()))); if (!token.getTimeStampInfo().getGenTime().before(timestampToken.getGenerationTime())) { continue; } } catch (Exception e) { throw new DSSException(e); } } result.add(unauthenticatedAttributes.getObjectAt(ii)); } return new DERSequence(result); }
public void writeObject( ASN1Encodable obj) throws IOException { if (obj != null) { obj.toASN1Primitive().encode(this); } else { throw new IOException("null object detected"); } }