List of usage examples for org.bouncycastle.asn1 ASN1Sequence getObjectAt
public ASN1Encodable getObjectAt(int index)
From source file:eu.emi.security.authn.x509.helpers.pkipath.bc.FixedBCPKIXCertPathReviewer.java
License:Open Source License
private void checkPolicy() { ///*ww w . j ava 2 s. c o m*/ // 6.1.1 Inputs // // c) Initial Policy Set Set userInitialPolicySet = pkixParams.getInitialPolicies(); // e) f) g) are part of pkixParams // // 6.1.2 Initialization // // a) valid policy tree List[] policyNodes = new ArrayList[n + 1]; for (int j = 0; j < policyNodes.length; j++) { policyNodes[j] = new ArrayList(); } Set policySet = new HashSet(); policySet.add(ANY_POLICY); PKIXPolicyNode validPolicyTree = new PKIXPolicyNode(new ArrayList(), 0, policySet, null, new HashSet(), ANY_POLICY, false); policyNodes[0].add(validPolicyTree); // d) explicit policy int explicitPolicy; if (pkixParams.isExplicitPolicyRequired()) { explicitPolicy = 0; } else { explicitPolicy = n + 1; } // e) inhibit any policy int inhibitAnyPolicy; if (pkixParams.isAnyPolicyInhibited()) { inhibitAnyPolicy = 0; } else { inhibitAnyPolicy = n + 1; } // f) policy mapping int policyMapping; if (pkixParams.isPolicyMappingInhibited()) { policyMapping = 0; } else { policyMapping = n + 1; } Set acceptablePolicies = null; // // 6.1.3 Basic Certificate processing // X509Certificate cert = null; int index; int i; try { for (index = certs.size() - 1; index >= 0; index--) { // i as defined in the algorithm description i = n - index; // set certificate to be checked in this round cert = (X509Certificate) certs.get(index); // d) process policy information ASN1Sequence certPolicies; try { certPolicies = (ASN1Sequence) getExtensionValue(cert, CERTIFICATE_POLICIES); } catch (AnnotatedException ae) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyExtError"); throw new CertPathReviewerException(msg, ae, certPath, index); } if (certPolicies != null && validPolicyTree != null) { // d) 1) Enumeration e = certPolicies.getObjects(); Set pols = new HashSet(); while (e.hasMoreElements()) { PolicyInformation pInfo = PolicyInformation.getInstance(e.nextElement()); ASN1ObjectIdentifier pOid = pInfo.getPolicyIdentifier(); pols.add(pOid.getId()); if (!ANY_POLICY.equals(pOid.getId())) { Set pq; try { pq = getQualifierSet(pInfo.getPolicyQualifiers()); } catch (CertPathValidatorException cpve) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyQualifierError"); throw new CertPathReviewerException(msg, cpve, certPath, index); } boolean match = processCertD1i(i, policyNodes, pOid, pq); if (!match) { processCertD1ii(i, policyNodes, pOid, pq); } } } if (acceptablePolicies == null || acceptablePolicies.contains(ANY_POLICY)) { acceptablePolicies = pols; } else { Iterator it = acceptablePolicies.iterator(); Set t1 = new HashSet(); while (it.hasNext()) { Object o = it.next(); if (pols.contains(o)) { t1.add(o); } } acceptablePolicies = t1; } // d) 2) if ((inhibitAnyPolicy > 0) || ((i < n) && isSelfIssued(cert))) { e = certPolicies.getObjects(); while (e.hasMoreElements()) { PolicyInformation pInfo = PolicyInformation.getInstance(e.nextElement()); if (ANY_POLICY.equals(pInfo.getPolicyIdentifier().getId())) { Set _apq; try { _apq = getQualifierSet(pInfo.getPolicyQualifiers()); } catch (CertPathValidatorException cpve) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyQualifierError"); throw new CertPathReviewerException(msg, cpve, certPath, index); } List _nodes = policyNodes[i - 1]; for (int k = 0; k < _nodes.size(); k++) { PKIXPolicyNode _node = (PKIXPolicyNode) _nodes.get(k); Iterator _policySetIter = _node.getExpectedPolicies().iterator(); while (_policySetIter.hasNext()) { Object _tmp = _policySetIter.next(); String _policy; if (_tmp instanceof String) { _policy = (String) _tmp; } else if (_tmp instanceof ASN1ObjectIdentifier) { _policy = ((ASN1ObjectIdentifier) _tmp).getId(); } else { continue; } boolean _found = false; Iterator _childrenIter = _node.getChildren(); while (_childrenIter.hasNext()) { PKIXPolicyNode _child = (PKIXPolicyNode) _childrenIter.next(); if (_policy.equals(_child.getValidPolicy())) { _found = true; } } if (!_found) { Set _newChildExpectedPolicies = new HashSet(); _newChildExpectedPolicies.add(_policy); PKIXPolicyNode _newChild = new PKIXPolicyNode(new ArrayList(), i, _newChildExpectedPolicies, _node, _apq, _policy, false); _node.addChild(_newChild); policyNodes[i].add(_newChild); } } } break; } } } // // (d) (3) // for (int j = (i - 1); j >= 0; j--) { List nodes = policyNodes[j]; for (int k = 0; k < nodes.size(); k++) { PKIXPolicyNode node = (PKIXPolicyNode) nodes.get(k); if (!node.hasChildren()) { validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, node); if (validPolicyTree == null) { break; } } } } // // d (4) // Set criticalExtensionOids = cert.getCriticalExtensionOIDs(); if (criticalExtensionOids != null) { boolean critical = criticalExtensionOids.contains(CERTIFICATE_POLICIES); List nodes = policyNodes[i]; for (int j = 0; j < nodes.size(); j++) { PKIXPolicyNode node = (PKIXPolicyNode) nodes.get(j); node.setCritical(critical); } } } // e) if (certPolicies == null) { validPolicyTree = null; } // f) if (explicitPolicy <= 0 && validPolicyTree == null) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.noValidPolicyTree"); throw new CertPathReviewerException(msg); } // // 6.1.4 preparation for next Certificate // if (i != n) { // a) ASN1Primitive pm; try { pm = getExtensionValue(cert, POLICY_MAPPINGS); } catch (AnnotatedException ae) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyMapExtError"); throw new CertPathReviewerException(msg, ae, certPath, index); } if (pm != null) { ASN1Sequence mappings = (ASN1Sequence) pm; for (int j = 0; j < mappings.size(); j++) { ASN1Sequence mapping = (ASN1Sequence) mappings.getObjectAt(j); ASN1ObjectIdentifier ip_id = (ASN1ObjectIdentifier) mapping.getObjectAt(0); ASN1ObjectIdentifier sp_id = (ASN1ObjectIdentifier) mapping.getObjectAt(1); if (ANY_POLICY.equals(ip_id.getId())) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.invalidPolicyMapping"); throw new CertPathReviewerException(msg, certPath, index); } if (ANY_POLICY.equals(sp_id.getId())) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.invalidPolicyMapping"); throw new CertPathReviewerException(msg, certPath, index); } } } // b) if (pm != null) { ASN1Sequence mappings = (ASN1Sequence) pm; Map m_idp = new HashMap(); Set s_idp = new HashSet(); for (int j = 0; j < mappings.size(); j++) { ASN1Sequence mapping = (ASN1Sequence) mappings.getObjectAt(j); String id_p = ((ASN1ObjectIdentifier) mapping.getObjectAt(0)).getId(); String sd_p = ((ASN1ObjectIdentifier) mapping.getObjectAt(1)).getId(); Set tmp; if (!m_idp.containsKey(id_p)) { tmp = new HashSet(); tmp.add(sd_p); m_idp.put(id_p, tmp); s_idp.add(id_p); } else { tmp = (Set) m_idp.get(id_p); tmp.add(sd_p); } } Iterator it_idp = s_idp.iterator(); while (it_idp.hasNext()) { String id_p = (String) it_idp.next(); // // (1) // if (policyMapping > 0) { try { prepareNextCertB1(i, policyNodes, id_p, m_idp, cert); } catch (AnnotatedException ae) { // error processing certificate policies extension ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyExtError"); throw new CertPathReviewerException(msg, ae, certPath, index); } catch (CertPathValidatorException cpve) { // error building qualifier set ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyQualifierError"); throw new CertPathReviewerException(msg, cpve, certPath, index); } // // (2) // } else if (policyMapping <= 0) { validPolicyTree = prepareNextCertB2(i, policyNodes, id_p, validPolicyTree); } } } // // h) // if (!isSelfIssued(cert)) { // (1) if (explicitPolicy != 0) { explicitPolicy--; } // (2) if (policyMapping != 0) { policyMapping--; } // (3) if (inhibitAnyPolicy != 0) { inhibitAnyPolicy--; } } // // i) // try { ASN1Sequence pc = (ASN1Sequence) getExtensionValue(cert, POLICY_CONSTRAINTS); if (pc != null) { Enumeration policyConstraints = pc.getObjects(); while (policyConstraints.hasMoreElements()) { ASN1TaggedObject constraint = (ASN1TaggedObject) policyConstraints.nextElement(); int tmpInt; switch (constraint.getTagNo()) { case 0: tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue(); if (tmpInt < explicitPolicy) { explicitPolicy = tmpInt; } break; case 1: tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue(); if (tmpInt < policyMapping) { policyMapping = tmpInt; } break; } } } } catch (AnnotatedException ae) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyConstExtError"); throw new CertPathReviewerException(msg, certPath, index); } // // j) // try { ASN1Integer iap = (ASN1Integer) getExtensionValue(cert, INHIBIT_ANY_POLICY); if (iap != null) { int _inhibitAnyPolicy = iap.getValue().intValue(); if (_inhibitAnyPolicy < inhibitAnyPolicy) { inhibitAnyPolicy = _inhibitAnyPolicy; } } } catch (AnnotatedException ae) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyInhibitExtError"); throw new CertPathReviewerException(msg, certPath, index); } } } // // 6.1.5 Wrap up // // // a) // if (!isSelfIssued(cert) && explicitPolicy > 0) { explicitPolicy--; } // // b) // try { ASN1Sequence pc = (ASN1Sequence) getExtensionValue(cert, POLICY_CONSTRAINTS); if (pc != null) { Enumeration policyConstraints = pc.getObjects(); while (policyConstraints.hasMoreElements()) { ASN1TaggedObject constraint = (ASN1TaggedObject) policyConstraints.nextElement(); switch (constraint.getTagNo()) { case 0: int tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue(); if (tmpInt == 0) { explicitPolicy = 0; } break; } } } } catch (AnnotatedException e) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.policyConstExtError"); throw new CertPathReviewerException(msg, certPath, index); } // // (g) // PKIXPolicyNode intersection; // // (g) (i) // if (validPolicyTree == null) { if (pkixParams.isExplicitPolicyRequired()) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.explicitPolicy"); throw new CertPathReviewerException(msg, certPath, index); } intersection = null; } else if (isAnyPolicy(userInitialPolicySet)) // (g) (ii) { if (pkixParams.isExplicitPolicyRequired()) { if (acceptablePolicies.isEmpty()) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.explicitPolicy"); throw new CertPathReviewerException(msg, certPath, index); } else { Set _validPolicyNodeSet = new HashSet(); for (int j = 0; j < policyNodes.length; j++) { List _nodeDepth = policyNodes[j]; for (int k = 0; k < _nodeDepth.size(); k++) { PKIXPolicyNode _node = (PKIXPolicyNode) _nodeDepth.get(k); if (ANY_POLICY.equals(_node.getValidPolicy())) { Iterator _iter = _node.getChildren(); while (_iter.hasNext()) { _validPolicyNodeSet.add(_iter.next()); } } } } Iterator _vpnsIter = _validPolicyNodeSet.iterator(); while (_vpnsIter.hasNext()) { PKIXPolicyNode _node = (PKIXPolicyNode) _vpnsIter.next(); String _validPolicy = _node.getValidPolicy(); if (!acceptablePolicies.contains(_validPolicy)) { //validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, _node); } } if (validPolicyTree != null) { for (int j = (n - 1); j >= 0; j--) { List nodes = policyNodes[j]; for (int k = 0; k < nodes.size(); k++) { PKIXPolicyNode node = (PKIXPolicyNode) nodes.get(k); if (!node.hasChildren()) { validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, node); } } } } } } intersection = validPolicyTree; } else { // // (g) (iii) // // This implementation is not exactly same as the one described in RFC3280. // However, as far as the validation result is concerned, both produce // adequate result. The only difference is whether AnyPolicy is remain // in the policy tree or not. // // (g) (iii) 1 // Set _validPolicyNodeSet = new HashSet(); for (int j = 0; j < policyNodes.length; j++) { List _nodeDepth = policyNodes[j]; for (int k = 0; k < _nodeDepth.size(); k++) { PKIXPolicyNode _node = (PKIXPolicyNode) _nodeDepth.get(k); if (ANY_POLICY.equals(_node.getValidPolicy())) { Iterator _iter = _node.getChildren(); while (_iter.hasNext()) { PKIXPolicyNode _c_node = (PKIXPolicyNode) _iter.next(); if (!ANY_POLICY.equals(_c_node.getValidPolicy())) { _validPolicyNodeSet.add(_c_node); } } } } } // // (g) (iii) 2 // Iterator _vpnsIter = _validPolicyNodeSet.iterator(); while (_vpnsIter.hasNext()) { PKIXPolicyNode _node = (PKIXPolicyNode) _vpnsIter.next(); String _validPolicy = _node.getValidPolicy(); if (!userInitialPolicySet.contains(_validPolicy)) { validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, _node); } } // // (g) (iii) 4 // if (validPolicyTree != null) { for (int j = (n - 1); j >= 0; j--) { List nodes = policyNodes[j]; for (int k = 0; k < nodes.size(); k++) { PKIXPolicyNode node = (PKIXPolicyNode) nodes.get(k); if (!node.hasChildren()) { validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, node); } } } } intersection = validPolicyTree; } if ((explicitPolicy <= 0) && (intersection == null)) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.invalidPolicy"); throw new CertPathReviewerException(msg); } validPolicyTree = intersection; } catch (CertPathReviewerException cpre) { addError(cpre.getErrorMessage(), cpre.getIndex()); validPolicyTree = null; } }
From source file:eu.emi.security.authn.x509.helpers.pkipath.bc.FixedBCPKIXCertPathReviewer.java
License:Open Source License
private boolean processQcStatements(X509Certificate cert, int index) { try {/*ww w .j a v a 2s .co m*/ boolean unknownStatement = false; ASN1Sequence qcSt = (ASN1Sequence) getExtensionValue(cert, QC_STATEMENT); for (int j = 0; j < qcSt.size(); j++) { QCStatement stmt = QCStatement.getInstance(qcSt.getObjectAt(j)); if (QCStatement.id_etsi_qcs_QcCompliance.equals(stmt.getStatementId())) { // process statement - just write a notification that the certificate contains this statement ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcEuCompliance"); addNotification(msg, index); } else if (QCStatement.id_qcs_pkixQCSyntax_v1.equals(stmt.getStatementId())) { // process statement - just recognize the statement } else if (QCStatement.id_etsi_qcs_QcSSCD.equals(stmt.getStatementId())) { // process statement - just write a notification that the certificate contains this statement ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcSSCD"); addNotification(msg, index); } else if (QCStatement.id_etsi_qcs_LimiteValue.equals(stmt.getStatementId())) { // process statement - write a notification containing the limit value MonetaryValue limit = MonetaryValue.getInstance(stmt.getStatementInfo()); Iso4217CurrencyCode currency = limit.getCurrency(); double value = limit.getAmount().doubleValue() * Math.pow(10, limit.getExponent().doubleValue()); ErrorBundle msg; if (limit.getCurrency().isAlphabetic()) { msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcLimitValueAlpha", new Object[] { limit.getCurrency().getAlphabetic(), new TrustedInput(new Double(value)), limit }); } else { msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcLimitValueNum", new Object[] { new Integer(limit.getCurrency().getNumeric()), new TrustedInput(new Double(value)), limit }); } addNotification(msg, index); } else { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcUnknownStatement", new Object[] { stmt.getStatementId(), new UntrustedInput(stmt) }); addNotification(msg, index); unknownStatement = true; } } return !unknownStatement; } catch (AnnotatedException ae) { ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcStatementExtError"); addError(msg, index); } return false; }
From source file:eu.emi.security.authn.x509.helpers.proxy.ProxyAddressRestrictionData.java
License:Open Source License
/** * Parses the restriction data from byte array. * /*from www . j a v a2 s. c o m*/ * @param bytes The byte array to parse. * @throws IOException In case there is a problem parsing the structure. */ public ProxyAddressRestrictionData(byte[] bytes) throws IOException { ASN1Sequence nameSpaceRestrictionsSeq = (ASN1Sequence) ASN1Primitive.fromByteArray(bytes); switch (nameSpaceRestrictionsSeq.size()) { case 0: return; case 1: DERTaggedObject taggedSequence = (DERTaggedObject) nameSpaceRestrictionsSeq.getObjectAt(0); if (taggedSequence.getTagNo() == 0) { copyCondSequenceToVector((DERSequence) taggedSequence.getObject(), permittedGeneralSubtrees); } else { if (taggedSequence.getTagNo() == 1) { copyCondSequenceToVector((DERSequence) taggedSequence.getObject(), excludedGeneralSubtrees); } else { throw new IllegalArgumentException( "Illegal tag number in the proxy restriction NameConstraints data structure: " + taggedSequence.getTagNo() + ", should have been 0 or 1"); } } break; case 2: taggedSequence = (DERTaggedObject) nameSpaceRestrictionsSeq.getObjectAt(0); if (taggedSequence.getTagNo() == 0) { copyCondSequenceToVector((DERSequence) taggedSequence.getObject(), permittedGeneralSubtrees); } else { throw new IllegalArgumentException( "Illegal tag number in the proxy restriction NameConstraints data structure at the first position: " + taggedSequence.getTagNo() + ", should have been 0"); } taggedSequence = (DERTaggedObject) nameSpaceRestrictionsSeq.getObjectAt(1); if (taggedSequence.getTagNo() == 1) { copyCondSequenceToVector((DERSequence) taggedSequence.getObject(), excludedGeneralSubtrees); } else { throw new IllegalArgumentException( "Illegal tag number in the proxy restriction NameConstraints data structure at the second position: " + taggedSequence.getTagNo() + ", should have been 1"); } break; default: throw new IllegalArgumentException( "Illegal number of items in the proxy restriction NameConstraints data structure: " + nameSpaceRestrictionsSeq.size() + ", should have been 0 to 2"); } }
From source file:eu.emi.security.authn.x509.helpers.proxy.ProxyCertInfoExtension.java
License:Open Source License
/** * Read a proxyCertInfoExtension from the ASN1 sequence. * /*from w w w. ja va 2 s . com*/ * @param seq * The sequence containing the extension. * @throws IOException */ public ProxyCertInfoExtension(ASN1Sequence seq) throws IOException { int index = 0; if (seq == null || seq.size() == 0) throw new IOException("ProxyCertInfoExtension is empty"); if (seq.getObjectAt(0) instanceof ASN1Integer) { pathLen = ((ASN1Integer) seq.getObjectAt(0)).getValue().intValue(); index = 1; } if (seq.size() <= index) throw new IOException("ProxyCertInfoExtension parser error, expected policy, but it was not found"); if (seq.getObjectAt(index) instanceof DLSequence) { policy = new ProxyPolicy((DLSequence) seq.getObjectAt(index)); } else { throw new IOException("ProxyCertInfoExtension parser error, expected policy sequence, but got: " + seq.getObjectAt(index).getClass()); } index++; if (seq.size() > index) throw new IOException("ProxyCertInfoExtension parser error, sequence contains too many items"); }
From source file:eu.emi.security.authn.x509.proxy.ProxyPolicy.java
License:Open Source License
/** * Read a new proxy policy object from the ASN1 sequence. * // ww w. ja va 2 s . c o m * @param seq * The proxy policy ASN1 sequence. */ public ProxyPolicy(ASN1Sequence seq) { if (seq != null && seq.size() > 0) { if (seq.getObjectAt(0) instanceof ASN1ObjectIdentifier) { oid = seq.getObjectAt(0).toString(); } else { throw new IllegalArgumentException("ProxyPolicy parser error, expected object identifier, but got:" + seq.getObjectAt(0).getClass()); } } else { throw new IllegalArgumentException( "ProxyPolicy parser error, expected nonempty sequence, but not no sequence or an empty sequence"); } if (seq.size() > 1) { if (seq.getObjectAt(1) instanceof DEROctetString) { this.policy = (ASN1OctetString) seq.getObjectAt(1); } else { throw new IllegalArgumentException( "ProxyPolicy parser error, expected octetstring but got: " + seq.getObjectAt(1).getClass()); } } if (seq.size() > 2) { throw new IllegalArgumentException( "ProxyPolicy parser error, proxy policy can only have two items, got: " + seq.size() + "items."); } }
From source file:eu.europa.ec.markt.dss.DSSUtils.java
License:Open Source License
public static List<String> getPolicyIdentifiers(final X509Certificate cert) { final byte[] certificatePolicies = cert.getExtensionValue(X509Extension.certificatePolicies.getId()); if (certificatePolicies == null) { return Collections.emptyList(); }/*from w w w . ja v a 2s. c o m*/ ASN1InputStream input = null; ASN1Sequence seq = null; try { input = new ASN1InputStream(certificatePolicies); final DEROctetString s = (DEROctetString) input.readObject(); final byte[] content = s.getOctets(); input.close(); input = new ASN1InputStream(content); seq = (ASN1Sequence) input.readObject(); } catch (IOException e) { throw new DSSException("Error when computing certificate's extensions.", e); } finally { closeQuietly(input); } final List<String> policyIdentifiers = new ArrayList<String>(); for (int ii = 0; ii < seq.size(); ii++) { final PolicyInformation policyInfo = PolicyInformation.getInstance(seq.getObjectAt(ii)); // System.out.println("\t----> PolicyIdentifier: " + policyInfo.getPolicyIdentifier().getId()); policyIdentifiers.add(policyInfo.getPolicyIdentifier().getId()); } return policyIdentifiers; }
From source file:eu.europa.ec.markt.dss.DSSUtils.java
License:Open Source License
public static List<String> getQCStatementsIdList(final X509Certificate x509Certificate) { final List<String> extensionIdList = new ArrayList<String>(); final byte[] qcStatement = x509Certificate.getExtensionValue(X509Extension.qCStatements.getId()); if (qcStatement != null) { ASN1InputStream input = null; try {// www .j a v a2 s .c om input = new ASN1InputStream(qcStatement); final DEROctetString s = (DEROctetString) input.readObject(); final byte[] content = s.getOctets(); input.close(); input = new ASN1InputStream(content); final ASN1Sequence seq = (ASN1Sequence) input.readObject(); /* Sequence of QCStatement */ for (int ii = 0; ii < seq.size(); ii++) { final QCStatement statement = QCStatement.getInstance(seq.getObjectAt(ii)); extensionIdList.add(statement.getStatementId().getId()); } } catch (IOException e) { throw new DSSException(e); } finally { DSSUtils.closeQuietly(input); } } return extensionIdList; }
From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java
License:Open Source License
/** * Extract the Unsigned Attribute Archive Timestamp Attribute Hash Index from a timestampToken * * @param timestampToken//from w w w . j a v a2 s .c o m * @return */ private ASN1Sequence getUnsignedAttributesHashIndex(TimestampToken timestampToken) { final ASN1Sequence timestampAttributeAtsHashIndexValue = getAtsHashIndex(timestampToken); int UNSIGNED_ATTRIBUTES_INDEX = 2; if (timestampAttributeAtsHashIndexValue.size() > 3) { UNSIGNED_ATTRIBUTES_INDEX++; } return (ASN1Sequence) timestampAttributeAtsHashIndexValue.getObjectAt(UNSIGNED_ATTRIBUTES_INDEX) .toASN1Primitive(); }
From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java
License:Open Source License
/** * Extract the Unsigned Attribute Archive Timestamp Crl Hash Index from a timestampToken * * @param timestampToken/*from w w w . jav a 2s . c o m*/ * @return */ private ASN1Sequence getCRLHashIndex(TimestampToken timestampToken) { final ASN1Sequence timestampAttributeAtsHashIndexValue = getAtsHashIndex(timestampToken); int CRL_INDEX = 1; if (timestampAttributeAtsHashIndexValue.size() > 3) { CRL_INDEX++; } return (ASN1Sequence) timestampAttributeAtsHashIndexValue.getObjectAt(CRL_INDEX).toASN1Primitive(); }
From source file:eu.europa.ec.markt.dss.signature.cades.CadesLevelBaselineLTATimestampExtractor.java
License:Open Source License
/** * Extract the Unsigned Attribute Archive Timestamp Cert Hash Index from a timestampToken * * @param timestampToken//from w w w. ja va 2 s .c o m * @return */ private ASN1Sequence getCertificatesHashIndex(TimestampToken timestampToken) { final ASN1Sequence timestampAttributeAtsHashIndexValue = getAtsHashIndex(timestampToken); int CERT_INDEX = 0; if (timestampAttributeAtsHashIndexValue.size() > 3) { CERT_INDEX++; } return (ASN1Sequence) timestampAttributeAtsHashIndexValue.getObjectAt(CERT_INDEX).toASN1Primitive(); }