/** * This method checks if a given {@code DEROctetString} is null. * * @param derOctetString * @return */ public static boolean isDEROctetStringNull(final DEROctetString derOctetString) { final byte[] derOctetStringBytes = derOctetString.getOctets(); final ASN1Primitive asn1Null = DSSASN1Utils.toASN1Primitive(derOctetStringBytes); return DERNull.INSTANCE.equals(asn1Null); }
/** * Indicates if this certificate has an CRL extension expiredCertOnCRL. * * @return */ public boolean hasExpiredCertOnCRLExtension() { final byte[] extensionValue = x509Certificate.getExtensionValue(OID.id_ce_expiredCertsOnCRL.getId()); if (extensionValue != null) { try { final ASN1Primitive derObject = DSSASN1Utils.toASN1Primitive(extensionValue); if (derObject instanceof DEROctetString) { final boolean derOctetStringNull = DSSASN1Utils.isDEROctetStringNull((DEROctetString) derObject); return derOctetStringNull; } } catch (Exception e) { LOG.debug("Exception when processing 'id_ce_expiredCertsOnCRL'", e); } } return false; }
@Override public byte[] getBytes() throws DSSException { try { final ByteArrayOutputStream output = new ByteArrayOutputStream(); final DEROutputStream derOutputStream = new DEROutputStream(output); final byte[] encoded = signedData.getEncoded(); final ASN1Primitive asn1Primitive = DSSASN1Utils.toASN1Primitive(encoded); derOutputStream.writeObject(asn1Primitive); derOutputStream.close(); return output.toByteArray(); } catch (IOException e) { throw new DSSException(e); } }
/** * Indicates if the revocation data should be checked for an OCSP signing certificate.<br> * http://www.ietf.org/rfc/rfc2560.txt?number=2560<br> * A CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate. The CA * does so by including the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical extension. The value of the * extension should be NULL. * * @return */ public boolean hasIdPkixOcspNoCheckExtension() { final byte[] extensionValue = x509Certificate.getExtensionValue(OID.id_pkix_ocsp_no_check.getId()); if (extensionValue != null) { try { final ASN1Primitive derObject = DSSASN1Utils.toASN1Primitive(extensionValue); if (derObject instanceof DEROctetString) { final boolean derOctetStringNull = DSSASN1Utils.isDEROctetStringNull((DEROctetString) derObject); return derOctetStringNull; } } catch (Exception e) { LOG.debug("Exception when processing 'id_pkix_ocsp_no_check'", e); } } return false; }
/** * @param signerInformation {@code SignerInformation} * @return {@code DERTaggedObject} representing the signed attributes * @throws DSSException in case of a decoding problem */ public static DERTaggedObject getSignedAttributes(final SignerInformation signerInformation) throws DSSException { try { final byte[] encodedSignedAttributes = signerInformation.getEncodedSignedAttributes(); if (encodedSignedAttributes == null) { return null; } final ASN1Set asn1Set = DSSASN1Utils.toASN1Primitive(encodedSignedAttributes); return new DERTaggedObject(false, 0, asn1Set); } catch (IOException e) { throw new DSSException(e); } } }
for (final TimestampToken contentTimestamp : contentTimestamps) { final ASN1Object asn1Object = DSSASN1Utils.toASN1Primitive(contentTimestamp.getEncoded()); final DERSet attrValues = new DERSet(asn1Object); final Attribute attribute = new Attribute(id_aa_ets_contentTimestamp, attrValues);
return DSSASN1Utils.toASN1Primitive(newTimeStampTokenBytes); } catch (IOException e) { throw new DSSException(e);
for (final OCSPToken ocspToken : revocationDataForInclusion.ocspTokens) { final BasicOCSPResp basicOCSPResp = ocspToken.getBasicOCSPResp(); newOtherRevocationInfoFormatStore.add(DSSASN1Utils.toASN1Primitive(DSSUtils.getEncoded(basicOCSPResp)));
final ASN1Sequence asn1Sequence = DSSASN1Utils.toASN1Primitive(policyBytes); final ASN1Sequence signPolicyHashAlgObject = (ASN1Sequence) asn1Sequence.getObjectAt(0); final AlgorithmIdentifier signPolicyHashAlgIdentifier = AlgorithmIdentifier.getInstance(signPolicyHashAlgObject);