/** * Encodes the signature as a DER sequence (ASN.1 format). */ private byte[] asnEncode(byte[] sigBlob) throws IOException { byte[] r = new BigInteger(1, Arrays.copyOfRange(sigBlob, 0, 20)).toByteArray(); byte[] s = new BigInteger(1, Arrays.copyOfRange(sigBlob, 20, 40)).toByteArray(); ASN1EncodableVector vector = new ASN1EncodableVector(); vector.add(new ASN1Integer(r)); vector.add(new ASN1Integer(s)); ByteArrayOutputStream baos = new ByteArrayOutputStream(); ASN1OutputStream asnOS = new ASN1OutputStream(baos); asnOS.writeObject(new DERSequence(vector)); asnOS.flush(); return baos.toByteArray(); } }
protected static GeneralNames getSubjectAlternativeNames( Set<String> sanDnsNames ) { final ASN1EncodableVector subjectAlternativeNames = new ASN1EncodableVector(); if ( sanDnsNames != null ) { for ( final String dnsNameValue : sanDnsNames ) { subjectAlternativeNames.add( new GeneralName( GeneralName.dNSName, dnsNameValue ) ); } } return GeneralNames.getInstance( new DERSequence( subjectAlternativeNames ) ); }
public CertificateExtension generateVOMSExtension( List<X509AttributeCertificateHolder> acs) { ASN1EncodableVector vomsACs = new ASN1EncodableVector(); for (X509AttributeCertificateHolder ac : acs) vomsACs.add(ac.toASN1Structure()); DERSequence acSeq = new DERSequence(vomsACs); CertificateExtension ext = new CertificateExtension( VOMS_EXTENSION_OID.getId(), acSeq.toASN1Primitive(), false); return ext; }
ASN1EncodableVector v = new ASN1EncodableVector(); v.add(csrInfo); ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier("0.0"); v.add(new DERSequence(oid)); v.add(new DERBitString(new byte[] {})); byte[] encoded = new DERSequence(v).getEncoded(); byte[] PKCS10= DataSignGeneration(encoded);
private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj) { if (obj != null) { v.add(new DERTaggedObject(true, tagNo, obj)); } } }
ASN1EncodableVector vector = new ASN1EncodableVector(); if (unsignedAttributes != null) new DERSet(ASN1Primitive.fromByteArray(token))); vector.add(signatureTimeStamp); Attributes signedAttributes = new Attributes(vector);
public void addAttribute(String oid, ASN1Encodable value) { attributes.add(new Attribute(new ASN1ObjectIdentifier(oid), new DERSet(value))); }
static BERSet createSet(ASN1EncodableVector v) { return v.size() < 1 ? EMPTY_SET : new BERSet(v); } }
/** * Create a certificate to use by a Certificate Authority, signed by a self signed certificate. */ private X509Certificate createCACert(PublicKey publicKey, PrivateKey privateKey) throws Exception { // signers name X500Name issuerName = new X500Name("CN=www.mockserver.com, O=MockServer, L=London, ST=England, C=UK"); // subjects name - the same as we are self signed. X500Name subjectName = issuerName; // serial BigInteger serial = BigInteger.valueOf(new Random().nextInt(Integer.MAX_VALUE)); // create the certificate - version 3 X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, NOT_BEFORE, NOT_AFTER, subjectName, publicKey); builder.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(publicKey)); builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true)); KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.cRLSign); builder.addExtension(Extension.keyUsage, false, usage); ASN1EncodableVector purposes = new ASN1EncodableVector(); purposes.add(KeyPurposeId.id_kp_serverAuth); purposes.add(KeyPurposeId.id_kp_clientAuth); purposes.add(KeyPurposeId.anyExtendedKeyUsage); builder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes)); X509Certificate cert = signCertificate(builder, privateKey); cert.checkValidity(new Date()); cert.verify(publicKey); return cert; }
ASN1EncodableVector signedAttributes = new ASN1EncodableVector(); signedAttributes.add(new Attribute(CMSAttributes.contentType, new DERSet(new ASN1ObjectIdentifier("1.2.840.113549.1.7.1")))); signedAttributes.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(digestBytes)))); signedAttributes.add(new Attribute(CMSAttributes.signingTime, new DERSet(new DERUTCTime(signingDate)))); AttributeTable signedAttributesTable = new AttributeTable(signedAttributes);
private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj) { if (obj != null) { v.add(new DERTaggedObject(true, tagNo, obj)); } } }
public void addAttribute(String oid, ASN1Encodable value) { attributes.add(new Attribute(new ASN1ObjectIdentifier(oid), new DERSet(value))); }
static BERSet createSet(ASN1EncodableVector v) { return v.size() < 1 ? EMPTY_SET : new BERSet(v); } }
/** * Encodes the signature as a DER sequence (ASN.1 format). */ private byte[] asnEncode(byte[] sigBlob) throws IOException { Buffer.PlainBuffer sigbuf = new Buffer.PlainBuffer(sigBlob); byte[] r = sigbuf.readBytes(); byte[] s = sigbuf.readBytes(); ASN1EncodableVector vector = new ASN1EncodableVector(); vector.add(new ASN1Integer(r)); vector.add(new ASN1Integer(s)); ByteArrayOutputStream baos = new ByteArrayOutputStream(); ASN1OutputStream asnOS = new ASN1OutputStream(baos); asnOS.writeObject(new DERSequence(vector)); asnOS.flush(); return baos.toByteArray(); } }
generator.addExtension(Extension.keyUsage, false, usage); ASN1EncodableVector purposes = new ASN1EncodableVector(); purposes.add(KeyPurposeId.id_kp_serverAuth); purposes.add(KeyPurposeId.id_kp_clientAuth); purposes.add(KeyPurposeId.anyExtendedKeyUsage); generator.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes));
final X500Name issuerX500Name = new X509CertificateHolder(mycert.getEncoded()).getIssuer(); final GeneralName generalName = new GeneralName(issuerX500Name); final GeneralNames generalNames = new GeneralNames(generalName); final BigInteger serialNumber = mycert.getSerialNumber(); final IssuerSerial issuerSerial = new IssuerSerial(generalNames, serialNumber); ESSCertIDv2 certid = new ESSCertIDv2(new AlgorithmIdentifier(new ASN1ObjectIdentifier("2.16.840.1.101.3.4.2.3")), this.digest(mycert.getEncoded()), issuerSerial); SigningCertificateV2 sigcert = new SigningCertificateV2(certid); final DERSet attrValues = new DERSet(sigcert); Attribute attr = new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, attrValues); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(attr); JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()); builder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)));