/**
 * Reports whether the next element carries the tag built from the given class, tag number and
 * constructed flag.
 *
 * <p>A failure of {@code peekType()} is reported as {@code false}, so a caller cannot tell
 * "different tag" apart from "tag could not be read". A {@code false} result must therefore not
 * be taken as evidence that the input is well formed.
 *
 * @param clazz the tag class bits
 * @param number the tag number bits
 * @param isConstructed whether the constructed bit is expected to be set
 * @return {@code true} only if the tag was read and equals the expected value
 */
@Override
public boolean isNextType(int clazz, int number, boolean isConstructed) {
    // NOTE(review): the three parts are OR-ed into a single value, which presumably assumes the
    // low-tag-number form (number below 31) - confirm against peekType().
    final int constructedBits = isConstructed ? CONSTRUCTED_MASK : 0x00;
    final int expectedTag = clazz | constructedBits | number;
    try {
        return expectedTag == peekType();
    } catch (ASN1Exception e) {
        // Deliberate: an unreadable tag is answered with "no match" instead of an error.
        return false;
    }
}
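/**
 * Decodes the next element as an ASN.1 INTEGER.
 *
 * @return the value built by {@link BigInteger} from the element's content
 * @throws ASN1Exception if the next element is not tagged INTEGER, or if its content is rejected
 *         by {@link BigInteger} (for example an INTEGER with no content octets)
 */
@Override
public BigInteger decodeInteger() throws ASN1Exception {
    if (INTEGER_TYPE != peekType()) {
        throw log.asnUnexpectedTag();
    }
    try {
        // NOTE(review): minimal-length encoding of the INTEGER is not checked in this method.
        return new BigInteger(drainElementValue());
    } catch (NumberFormatException e) {
        // BigInteger signals empty content with NumberFormatException; surface it as the declared
        // decoding error so that malformed input cannot escape handlers written for ASN1Exception.
        throw new ASN1Exception(e);
    }
}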
/**
 * Reads the next element of the given DER decoder as a chain of X.509 certificates.
 *
 * <p>The element must be tagged as a SET. This method only parses: it makes no signature,
 * validity or trust check on the certificates it returns, so callers must validate the chain
 * before relying on it.
 *
 * @param decoder the DER decoder positioned at the certificate set
 * @return the decoded certificates, in the order reported by the resulting {@link CertPath}
 * @throws ASN1Exception if the next element is not a SET, or if the certificates cannot be parsed
 */
public static X509Certificate[] decodeX509CertificateChain(final DERDecoder decoder) throws ASN1Exception {
    if (SET_TYPE != decoder.peekType()) {
        throw saslEntity.asnUnexpectedTag();
    }
    final byte[] encodedChain = decoder.drainElement();
    try {
        final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
        // CertificateFactory#generateCertPath requires a DER SEQUENCE, so the leading tag of the
        // drained element is overwritten in place before it is parsed.
        encodedChain[0] = SEQUENCE_TYPE;
        final List<? extends Certificate> parsed =
                x509Factory.generateCertPath(new ByteArrayInputStream(encodedChain)).getCertificates();
        // toArray throws ArrayStoreException if an element is not an X509Certificate.
        return parsed.toArray(new X509Certificate[parsed.size()]);
    } catch (CertificateException e) {
        throw new ASN1Exception(e);
    }
}
/**
 * Reads the next element of the given DER decoder as a {@code CertData} element, which is
 * defined as follows:
 *
 * <pre>
 *      CertData ::= CHOICE {
 *          certificateSet     SET SIZE (1..MAX) OF Certificate,
 *          certURL            IA5String (Note: No support for certificate URL)
 *      }
 * </pre>
 *
 * <p>The certificates are parsed only; validating them is left to the caller.
 *
 * @param decoder the DER decoder
 * @return the X.509 certificate or certificate chain
 * @throws ASN1Exception if the next element is not tagged as a SET, or if the certificate data
 *         cannot be decoded
 */
public static X509Certificate[] decodeCertificateData(final DERDecoder decoder) throws ASN1Exception {
    // Only the certificateSet alternative is handled; every other tag, certURL included, is rejected.
    if (decoder.peekType() != SET_TYPE) {
        throw saslEntity.asnUnexpectedTag();
    }
    return decodeX509CertificateChain(decoder);
}
/**
 * Decodes the next element as a BIT STRING and reads the INTEGER carried inside it.
 *
 * <p>The bit string content is handed to a fresh {@code DERDecoder}. Anything that follows the
 * INTEGER inside the bit string is not examined by this method.
 *
 * @return the INTEGER found at the start of the bit string content
 */
@Override
public BigInteger decodeBitStringAsInteger() {
    final DERDecoder nested = new DERDecoder(decodeBitString());
    // Reject the content early unless it starts with an INTEGER tag.
    if (INTEGER_TYPE != nested.peekType()) {
        throw log.asnUnexpectedTag();
    }
    return nested.decodeInteger();
}
/**
 * Builds a public key from the DER content of a PEM block.
 *
 * <p>The outer SEQUENCE is opened, the nested SEQUENCE is read to find the key algorithm, and
 * the complete DER content is then handed to the matching {@link KeyFactory} as an
 * {@link X509EncodedKeySpec}. Any {@link Exception} raised inside the parsing step, including
 * the tag and algorithm checks, is rewrapped through {@code log.publicKeyParseError}.
 *
 * @param type the PEM block type; must equal {@code PUBLIC_KEY_FORMAT}
 * @param byteIterator the iterator supplying the DER bytes
 * @return the decoded public key
 * @throws IllegalArgumentException as declared by the signature, for a wrong PEM type or
 *         unparsable content
 */
private static PublicKey parsePemPublicKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    if (! type.equals(PUBLIC_KEY_FORMAT)) {
        throw log.invalidPemType(PUBLIC_KEY_FORMAT, type);
    }
    try {
        final byte[] encoded = byteIterator.drain();
        final DERDecoder reader = new DERDecoder(encoded);
        reader.startSequence();
        if (reader.peekType() != ASN1.SEQUENCE_TYPE) {
            throw log.asnUnexpectedTag();
        }
        reader.startSequence();
        final String keyAlgorithm = reader.decodeObjectIdentifierAsKeyAlgorithm();
        if (keyAlgorithm == null) {
            // The argument is always null on this path, so the message cannot name the rejected OID.
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePublic(new X509EncodedKeySpec(encoded));
    } catch (Exception cause) {
        throw log.publicKeyParseError(cause);
    }
}
/**
 * Builds a private key from the DER content of a PEM block.
 *
 * <p>The outer SEQUENCE is opened, the leading INTEGER (the version) is skipped, and the
 * following SEQUENCE is read to find the key algorithm. The complete DER content is then handed
 * to the matching {@link KeyFactory} as a {@link PKCS8EncodedKeySpec}. Any {@link Exception}
 * raised inside the parsing step is rewrapped through {@code log.privateKeyParseError}.
 *
 * @param type the PEM block type; must equal {@code PRIVATE_KEY_FORMAT}
 * @param byteIterator the iterator supplying the DER bytes
 * @return the decoded private key
 * @throws IllegalArgumentException as declared by the signature, for a wrong PEM type or
 *         unparsable content
 */
private static PrivateKey parsePemPrivateKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    if (! type.equals(PRIVATE_KEY_FORMAT)) {
        throw log.invalidPemType(PRIVATE_KEY_FORMAT, type);
    }
    try {
        // NOTE(review): this array carries the private key encoding and is never cleared here;
        // consider wiping it once drain() is confirmed to return a private copy.
        final byte[] encoded = byteIterator.drain();
        final DERDecoder reader = new DERDecoder(encoded);
        reader.startSequence();

        // Version
        if (reader.peekType() != ASN1.INTEGER_TYPE) {
            throw log.asnUnexpectedTag();
        }
        reader.skipElement();

        // AlgorithmIdentifier
        reader.startSequence();
        final String keyAlgorithm = reader.decodeObjectIdentifierAsKeyAlgorithm();
        if (keyAlgorithm == null) {
            // The argument is always null on this path, so the message cannot name the rejected OID.
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePrivate(new PKCS8EncodedKeySpec(encoded));
    } catch (Exception cause) {
        throw log.privateKeyParseError(cause);
    }
}
/**
 * Reports whether the next element carries the tag built from the given class, tag number and
 * constructed flag.
 *
 * <p>A failure of {@code peekType()} is reported as {@code false}, so a caller cannot tell
 * "different tag" apart from "tag could not be read". A {@code false} result must therefore not
 * be taken as evidence that the input is well formed.
 *
 * @param clazz the tag class bits
 * @param number the tag number bits
 * @param isConstructed whether the constructed bit is expected to be set
 * @return {@code true} only if the tag was read and equals the expected value
 */
@Override
public boolean isNextType(int clazz, int number, boolean isConstructed) {
    // NOTE(review): the three parts are OR-ed into a single value, which presumably assumes the
    // low-tag-number form (number below 31) - confirm against peekType().
    final int constructedBits = isConstructed ? CONSTRUCTED_MASK : 0x00;
    final int expectedTag = clazz | constructedBits | number;
    try {
        return expectedTag == peekType();
    } catch (ASN1Exception e) {
        // Deliberate: an unreadable tag is answered with "no match" instead of an error.
        return false;
    }
}
/**
 * Reports whether the next element carries the tag built from the given class, tag number and
 * constructed flag.
 *
 * <p>A failure of {@code peekType()} is reported as {@code false}, so a caller cannot tell
 * "different tag" apart from "tag could not be read". A {@code false} result must therefore not
 * be taken as evidence that the input is well formed.
 *
 * @param clazz the tag class bits
 * @param number the tag number bits
 * @param isConstructed whether the constructed bit is expected to be set
 * @return {@code true} only if the tag was read and equals the expected value
 */
@Override
public boolean isNextType(int clazz, int number, boolean isConstructed) {
    // NOTE(review): the three parts are OR-ed into a single value, which presumably assumes the
    // low-tag-number form (number below 31) - confirm against peekType().
    final int constructedBits = isConstructed ? CONSTRUCTED_MASK : 0x00;
    final int expectedTag = clazz | constructedBits | number;
    try {
        return expectedTag == peekType();
    } catch (ASN1Exception e) {
        // Deliberate: an unreadable tag is answered with "no match" instead of an error.
        return false;
    }
}
/**
 * Reports whether the next element carries the tag built from the given class, tag number and
 * constructed flag.
 *
 * <p>A failure of {@code peekType()} is reported as {@code false}, so a caller cannot tell
 * "different tag" apart from "tag could not be read". A {@code false} result must therefore not
 * be taken as evidence that the input is well formed.
 *
 * @param clazz the tag class bits
 * @param number the tag number bits
 * @param isConstructed whether the constructed bit is expected to be set
 * @return {@code true} only if the tag was read and equals the expected value
 */
@Override
public boolean isNextType(int clazz, int number, boolean isConstructed) {
    // NOTE(review): the three parts are OR-ed into a single value, which presumably assumes the
    // low-tag-number form (number below 31) - confirm against peekType().
    final int constructedBits = isConstructed ? CONSTRUCTED_MASK : 0x00;
    final int expectedTag = clazz | constructedBits | number;
    try {
        return expectedTag == peekType();
    } catch (ASN1Exception e) {
        // Deliberate: an unreadable tag is answered with "no match" instead of an error.
        return false;
    }
}
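/**
 * Decodes the next element as an ASN.1 INTEGER.
 *
 * @return the value built by {@link BigInteger} from the element's content
 * @throws ASN1Exception if the next element is not tagged INTEGER, or if its content is rejected
 *         by {@link BigInteger} (for example an INTEGER with no content octets)
 */
@Override
public BigInteger decodeInteger() throws ASN1Exception {
    if (INTEGER_TYPE != peekType()) {
        throw log.asnUnexpectedTag();
    }
    try {
        // NOTE(review): minimal-length encoding of the INTEGER is not checked in this method.
        return new BigInteger(drainElementValue());
    } catch (NumberFormatException e) {
        // BigInteger signals empty content with NumberFormatException; surface it as the declared
        // decoding error so that malformed input cannot escape handlers written for ASN1Exception.
        throw new ASN1Exception(e);
    }
}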
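/**
 * Decodes the next element as an ASN.1 INTEGER.
 *
 * @return the value built by {@link BigInteger} from the element's content
 * @throws ASN1Exception if the next element is not tagged INTEGER, or if its content is rejected
 *         by {@link BigInteger} (for example an INTEGER with no content octets)
 */
@Override
public BigInteger decodeInteger() throws ASN1Exception {
    if (INTEGER_TYPE != peekType()) {
        throw log.asnUnexpectedTag();
    }
    try {
        // NOTE(review): minimal-length encoding of the INTEGER is not checked in this method.
        return new BigInteger(drainElementValue());
    } catch (NumberFormatException e) {
        // BigInteger signals empty content with NumberFormatException; surface it as the declared
        // decoding error so that malformed input cannot escape handlers written for ASN1Exception.
        throw new ASN1Exception(e);
    }
}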
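/**
 * Decodes the next element as an ASN.1 INTEGER.
 *
 * @return the value built by {@link BigInteger} from the element's content
 * @throws ASN1Exception if the next element is not tagged INTEGER, or if its content is rejected
 *         by {@link BigInteger} (for example an INTEGER with no content octets)
 */
@Override
public BigInteger decodeInteger() throws ASN1Exception {
    if (INTEGER_TYPE != peekType()) {
        throw log.asnUnexpectedTag();
    }
    try {
        // NOTE(review): minimal-length encoding of the INTEGER is not checked in this method.
        return new BigInteger(drainElementValue());
    } catch (NumberFormatException e) {
        // BigInteger signals empty content with NumberFormatException; surface it as the declared
        // decoding error so that malformed input cannot escape handlers written for ASN1Exception.
        throw new ASN1Exception(e);
    }
}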
/**
 * Reads the next element of the given DER decoder as a chain of X.509 certificates.
 *
 * <p>The element must be tagged as a SET. This method only parses: it makes no signature,
 * validity or trust check on the certificates it returns, so callers must validate the chain
 * before relying on it.
 *
 * @param decoder the DER decoder positioned at the certificate set
 * @return the decoded certificates, in the order reported by the resulting {@link CertPath}
 * @throws ASN1Exception if the next element is not a SET, or if the certificates cannot be parsed
 */
public static X509Certificate[] decodeX509CertificateChain(final DERDecoder decoder) throws ASN1Exception {
    if (SET_TYPE != decoder.peekType()) {
        throw saslEntity.asnUnexpectedTag();
    }
    final byte[] encodedChain = decoder.drainElement();
    try {
        final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
        // CertificateFactory#generateCertPath requires a DER SEQUENCE, so the leading tag of the
        // drained element is overwritten in place before it is parsed.
        encodedChain[0] = SEQUENCE_TYPE;
        final List<? extends Certificate> parsed =
                x509Factory.generateCertPath(new ByteArrayInputStream(encodedChain)).getCertificates();
        // toArray throws ArrayStoreException if an element is not an X509Certificate.
        return parsed.toArray(new X509Certificate[parsed.size()]);
    } catch (CertificateException e) {
        throw new ASN1Exception(e);
    }
}
/**
 * Reads the next element of the given DER decoder as a chain of X.509 certificates.
 *
 * <p>The element must be tagged as a SET. This method only parses: it makes no signature,
 * validity or trust check on the certificates it returns, so callers must validate the chain
 * before relying on it.
 *
 * @param decoder the DER decoder positioned at the certificate set
 * @return the decoded certificates, in the order reported by the resulting {@link CertPath}
 * @throws ASN1Exception if the next element is not a SET, or if the certificates cannot be parsed
 */
public static X509Certificate[] decodeX509CertificateChain(final DERDecoder decoder) throws ASN1Exception {
    if (SET_TYPE != decoder.peekType()) {
        throw saslEntity.asnUnexpectedTag();
    }
    final byte[] encodedChain = decoder.drainElement();
    try {
        final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
        // CertificateFactory#generateCertPath requires a DER SEQUENCE, so the leading tag of the
        // drained element is overwritten in place before it is parsed.
        encodedChain[0] = SEQUENCE_TYPE;
        final List<? extends Certificate> parsed =
                x509Factory.generateCertPath(new ByteArrayInputStream(encodedChain)).getCertificates();
        // toArray throws ArrayStoreException if an element is not an X509Certificate.
        return parsed.toArray(new X509Certificate[parsed.size()]);
    } catch (CertificateException e) {
        throw new ASN1Exception(e);
    }
}
/**
 * Decodes the next element as a BIT STRING and reads the INTEGER carried inside it.
 *
 * <p>The bit string content is handed to a fresh {@code DERDecoder}. Anything that follows the
 * INTEGER inside the bit string is not examined by this method.
 *
 * @return the INTEGER found at the start of the bit string content
 */
@Override
public BigInteger decodeBitStringAsInteger() {
    final DERDecoder nested = new DERDecoder(decodeBitString());
    // Reject the content early unless it starts with an INTEGER tag.
    if (INTEGER_TYPE != nested.peekType()) {
        throw log.asnUnexpectedTag();
    }
    return nested.decodeInteger();
}
/**
 * Decodes the next element as a BIT STRING and reads the INTEGER carried inside it.
 *
 * <p>The bit string content is handed to a fresh {@code DERDecoder}. Anything that follows the
 * INTEGER inside the bit string is not examined by this method.
 *
 * @return the INTEGER found at the start of the bit string content
 */
@Override
public BigInteger decodeBitStringAsInteger() {
    final DERDecoder nested = new DERDecoder(decodeBitString());
    // Reject the content early unless it starts with an INTEGER tag.
    if (INTEGER_TYPE != nested.peekType()) {
        throw log.asnUnexpectedTag();
    }
    return nested.decodeInteger();
}
/**
 * Decodes the next element as a BIT STRING and reads the INTEGER carried inside it.
 *
 * <p>The bit string content is handed to a fresh {@code DERDecoder}. Anything that follows the
 * INTEGER inside the bit string is not examined by this method.
 *
 * @return the INTEGER found at the start of the bit string content
 */
@Override
public BigInteger decodeBitStringAsInteger() {
    final DERDecoder nested = new DERDecoder(decodeBitString());
    // Reject the content early unless it starts with an INTEGER tag.
    if (INTEGER_TYPE != nested.peekType()) {
        throw log.asnUnexpectedTag();
    }
    return nested.decodeInteger();
}
/**
 * Builds a public key from the DER content of a PEM block.
 *
 * <p>The outer SEQUENCE is opened, the nested SEQUENCE is read to find the key algorithm, and
 * the complete DER content is then handed to the matching {@link KeyFactory} as an
 * {@link X509EncodedKeySpec}. Any {@link Exception} raised inside the parsing step, including
 * the tag and algorithm checks, is rewrapped through {@code log.publicKeyParseError}.
 *
 * @param type the PEM block type; must equal {@code PUBLIC_KEY_FORMAT}
 * @param byteIterator the iterator supplying the DER bytes
 * @return the decoded public key
 * @throws IllegalArgumentException as declared by the signature, for a wrong PEM type or
 *         unparsable content
 */
private static PublicKey parsePemPublicKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    if (! type.equals(PUBLIC_KEY_FORMAT)) {
        throw log.invalidPemType(PUBLIC_KEY_FORMAT, type);
    }
    try {
        final byte[] encoded = byteIterator.drain();
        final DERDecoder reader = new DERDecoder(encoded);
        reader.startSequence();
        if (reader.peekType() != ASN1.SEQUENCE_TYPE) {
            throw log.asnUnexpectedTag();
        }
        reader.startSequence();
        final String keyAlgorithm = reader.decodeObjectIdentifierAsKeyAlgorithm();
        if (keyAlgorithm == null) {
            // The argument is always null on this path, so the message cannot name the rejected OID.
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePublic(new X509EncodedKeySpec(encoded));
    } catch (Exception cause) {
        throw log.publicKeyParseError(cause);
    }
}
/**
 * Builds a private key from the DER content of a PEM block.
 *
 * <p>The outer SEQUENCE is opened, the leading INTEGER (the version) is skipped, and the
 * following SEQUENCE is read to find the key algorithm. The complete DER content is then handed
 * to the matching {@link KeyFactory} as a {@link PKCS8EncodedKeySpec}. Any {@link Exception}
 * raised inside the parsing step is rewrapped through {@code log.privateKeyParseError}.
 *
 * @param type the PEM block type; must equal {@code PRIVATE_KEY_FORMAT}
 * @param byteIterator the iterator supplying the DER bytes
 * @return the decoded private key
 * @throws IllegalArgumentException as declared by the signature, for a wrong PEM type or
 *         unparsable content
 */
private static PrivateKey parsePemPrivateKey(String type, ByteIterator byteIterator) throws IllegalArgumentException {
    if (! type.equals(PRIVATE_KEY_FORMAT)) {
        throw log.invalidPemType(PRIVATE_KEY_FORMAT, type);
    }
    try {
        // NOTE(review): this array carries the private key encoding and is never cleared here;
        // consider wiping it once drain() is confirmed to return a private copy.
        final byte[] encoded = byteIterator.drain();
        final DERDecoder reader = new DERDecoder(encoded);
        reader.startSequence();

        // Version
        if (reader.peekType() != ASN1.INTEGER_TYPE) {
            throw log.asnUnexpectedTag();
        }
        reader.skipElement();

        // AlgorithmIdentifier
        reader.startSequence();
        final String keyAlgorithm = reader.decodeObjectIdentifierAsKeyAlgorithm();
        if (keyAlgorithm == null) {
            // The argument is always null on this path, so the message cannot name the rejected OID.
            throw log.asnUnrecognisedAlgorithm(keyAlgorithm);
        }
        return KeyFactory.getInstance(keyAlgorithm).generatePrivate(new PKCS8EncodedKeySpec(encoded));
    } catch (Exception cause) {
        throw log.privateKeyParseError(cause);
    }
}