Usage examples for the org.bouncycastle.asn1.DERSequence constructor
public DERSequence(ASN1Encodable[] elements)
From source file:org.glite.voms.ac.Util.java
License:eu-egee.org license
/**
 * Wraps a single {@code GeneralName} in a {@code GeneralNames} structure.
 *
 * @param name the name to wrap
 * @return the {@code GeneralNames} obtained from a one-element DER SEQUENCE holding {@code name}
 */
public static GeneralNames generalNameToGeneralNames(GeneralName name) {
    DEREncodableVector single = new DEREncodableVector();
    single.add(name);
    DERSequence wrapped = new DERSequence(single);
    return GeneralNames.getInstance(wrapped);
}
From source file:org.glite.voms.ac.V2Form.java
License:eu-egee.org license
/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  V2Form ::= SEQUENCE {
 *       issuerName            GeneralNames  OPTIONAL,
 *       baseCertificateID     [0] IssuerSerial  OPTIONAL,
 *       objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
 *         -- issuerName MUST be present in this profile
 *         -- baseCertificateID and objectDigestInfo MUST NOT
 *         -- be present in this profile
 *  }
 * </pre>
 * Each of the three fields is written only when it is non-null, in the order shown above.
 *
 * @return a DER SEQUENCE holding the fields that are set
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();

    if (issuerName != null) {
        // IMPLICIT encoding of GeneralNames: the outer SEQUENCE is not written, only
        // its element at index 0 is.
        // NOTE(review): any further entries in issuerName are not encoded, and a null
        // issuerName is accepted here although the profile comment says it MUST be
        // present -- confirm both are intended before relying on the output to
        // identify the issuer.
        ASN1Sequence issuerSeq = (ASN1Sequence) issuerName.toASN1Primitive();
        fields.add(issuerSeq.getObjectAt(0));
    }

    if (baseCertificateID != null) {
        // context tag [0]
        fields.add(new DERTaggedObject(0, baseCertificateID));
    }

    if (objectDigestInfo != null) {
        // context tag [1]
        fields.add(new DERTaggedObject(1, objectDigestInfo));
    }

    return new DERSequence(fields);
}
From source file:org.glite.voms.contact.MyProxyCertInfo.java
License:Open Source License
/**
 * Encodes this proxy certificate info as a DER SEQUENCE whose element order depends
 * on {@code version}.
 *
 * <p>For the GSI_3 proxy types the path length INTEGER (when set) precedes the policy;
 * for the GSI_4 proxy types the policy comes first and the path length (when set)
 * follows. A {@code pathLen} of -1 means no INTEGER is written.
 *
 * @return the DER SEQUENCE; it is empty when {@code version} matches none of the
 *         listed proxy types
 */
public ASN1Primitive toASN1Primitive() {
    DEREncodableVector fields = new DEREncodableVector();

    switch (version) {
    case GSI_3_IMPERSONATION_PROXY:
    case GSI_3_INDEPENDENT_PROXY:
    case GSI_3_LIMITED_PROXY:
    case GSI_3_RESTRICTED_PROXY:
        // GSI_3 layout: optional path length, then policy.
        if (pathLen != -1) {
            fields.add(new DERInteger(pathLen));
        }
        fields.add(policy.toASN1Primitive());
        break;

    case GSI_4_IMPERSONATION_PROXY:
    case GSI_4_INDEPENDENT_PROXY:
    case GSI_4_LIMITED_PROXY:
    case GSI_4_RESTRICTED_PROXY:
        // GSI_4 layout: policy, then optional path length.
        fields.add(policy.toASN1Primitive());
        if (pathLen != -1) {
            fields.add(new DERInteger(pathLen));
        }
        break;

    default:
        // NOTE(review): an unrecognised version yields an empty SEQUENCE carrying no
        // policy at all -- confirm callers can never reach this branch, since the
        // result would not describe any proxy restriction.
        break;
    }

    return new DERSequence(fields);
}
From source file:org.glite.voms.contact.VOMSProxyBuilder.java
License:Open Source License
/**
 * Creates a VOMS proxy from the given {@link UserCredentials}, embedding the supplied
 * {@link AttributeCertificate} objects in a proxy extension.
 *
 * <p>Two extensions are prepared before delegating to {@code myCreateCredential}:
 * <ul>
 *   <li>{@code 1.3.6.1.4.1.8005.100.100.5}: a SEQUENCE whose single element is the
 *       SEQUENCE of attribute certificates;</li>
 *   <li>{@code 2.5.29.15} (key usage): digitalSignature, keyEncipherment and
 *       dataEncipherment.</li>
 * </ul>
 *
 * @param cred the {@link UserCredentials} from which the proxy must be created.
 * @param ACs the non-empty list of {@link AttributeCertificate} objects.
 * @param bits forwarded unchanged to {@code myCreateCredential}; presumably the size
 *        in bits of the proxy key pair -- confirm against that method.
 * @param lifetime the lifetime in seconds of the generated proxy.
 * @param gtVersion the version of globus to which the proxy conforms.
 * @param delegType forwarded unchanged to {@code myCreateCredential}.
 * @param policyType forwarded unchanged to {@code myCreateCredential}.
 * @return the {@code X509Credential} that represents the proxy.
 * @throws VOMSException if {@code ACs} is empty.
 *
 * @author Vincenzo Ciaschini
 * @author Andrea Ceccanti
 */
public static X509Credential buildProxy(UserCredentials cred, List ACs, int bits, int lifetime,
        CertificateType gtVersion, DelegationType delegType, String policyType) {

    if (ACs.isEmpty()) {
        throw new VOMSException(
                "Please specify a non-empty list of attribute certificate to build a voms-proxy.");
    }

    // Every element must be an AttributeCertificate; anything else fails the cast.
    DEREncodableVector acVector = new DEREncodableVector();
    for (Object element : ACs) {
        acVector.add((AttributeCertificate) element);
    }

    HashMap extensions = new HashMap();

    // The list is known to be non-empty at this point, so the AC extension is
    // always added.
    String acExtensionOid = "1.3.6.1.4.1.8005.100.100.5";
    DERSequence acSequence = new DERSequence(acVector);
    DERSequence acSequenceWrapper = new DERSequence(acSequence);
    extensions.put(acExtensionOid, ExtensionData.creator(acExtensionOid, acSequenceWrapper));

    String keyUsageOid = "2.5.29.15";
    int usageBits = KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment;
    KeyUsage keyUsage = new KeyUsage(usageBits);
    extensions.put(keyUsageOid, ExtensionData.creator(keyUsageOid, keyUsage.toASN1Primitive()));

    // NOTE(review): bits and lifetime are passed through without any range check in
    // this method -- confirm that myCreateCredential or the caller enforces a minimum
    // key size and a maximum lifetime.
    // No try/catch surrounds the call: whatever myCreateCredential throws propagates
    // to the caller.
    return myCreateCredential(cred.getUserChain(), cred.getUserKey(), bits, lifetime, delegType,
            gtVersion, extensions, policyType);
}
From source file:org.glite.voms.contact.X509NameHelper.java
License:Apache License
/**
 * Appends the specified OID and value pair name component to the end of the
 * current name.
 *
 * <p>The pair is encoded as a SEQUENCE of the OID and a PrintableString, wrapped in
 * a one-element SET, and handed to {@code add(ASN1Set)}.
 *
 * @param oid   the name component oid, e.g. {@link X509Name#CN
 *              X509Name.CN}
 * @param value the value (e.g. "proxy")
 */
public void add(DERObjectIdentifier oid, String value) {
    ASN1EncodableVector attribute = new ASN1EncodableVector();
    attribute.add(oid);
    // NOTE(review): value is always encoded as a PrintableString and no character
    // check is made in this method -- confirm callers only pass values that fit the
    // PrintableString alphabet, otherwise the resulting name may not compare or
    // parse consistently across implementations.
    attribute.add(new DERPrintableString(value));

    DERSequence typeAndValue = new DERSequence(attribute);
    add(new DERSet(typeAndValue));
}
From source file:org.glite.voms.contact.X509NameHelper.java
License:Apache License
/** * Appends the specified name component entry to the current name. This can * be used to add handle multiple AVAs in one name component. * * @param entry the name component to add. */// ww w . j a va 2 s . co m public void add(ASN1Set entry) { ASN1EncodableVector v = new ASN1EncodableVector(); int size = seq.size(); for (int i = 0; i < size; i++) { v.add(seq.getObjectAt(i)); } v.add(entry); seq = new DERSequence(v); }
From source file:org.globus.gsi.bc.BouncyCastleCertProcessingFactoryTest.java
License:Apache License
/**
 * Builds a GSI_3 restricted proxy carrying a custom extension, a basic constraints
 * extension and a ProxyCertInfo extension, then checks that the custom extension and
 * the proxy policy survive in the issued certificate.
 */
public void testResctrictedWithOtherExt() throws Exception {
    ClassLoader loader = BouncyCastleCertProcessingFactoryTest.class.getClassLoader();
    GlobusCredential cred = new GlobusCredential(loader.getResource(proxyFile).getPath());

    String oid = "1.2.3.4";
    String expectedValue = "foo";
    boolean critical = false;

    String policyOid = "1.2.3.4.5.6.7.8.9";
    String policyValue = "bar";

    X509ExtensionSet extSet = new X509ExtensionSet();

    // 1) arbitrary, non-critical extension
    X509Extension customExt = new X509Extension(oid, critical, expectedValue.getBytes());
    extSet.add(customExt);

    // 2) basic constraints built from a raw SEQUENCE { FALSE, 15 }
    ASN1Encodable[] constraintFields = new ASN1Encodable[] { DERBoolean.FALSE, new ASN1Integer(15) };
    DERSequence seq = new DERSequence(constraintFields);
    BasicConstraints constraints = BasicConstraints.getInstance(seq);
    X509Extension constraintsExt = new BouncyCastleX509Extension(
            org.bouncycastle.asn1.x509.X509Extension.basicConstraints.getId(), false, constraints);
    extSet.add(constraintsExt);

    // 3) proxy cert info carrying the restricted policy
    ProxyPolicy policy = new ProxyPolicy(policyOid, policyValue.getBytes());
    X509Extension proxyInfoExt = new ProxyCertInfoExtension(new ProxyCertInfo(policy));
    extSet.add(proxyInfoExt);

    // NOTE(review): the third argument (512) is presumably the key size in bits; if
    // so it is a test-speed value only and not a size to reuse outside tests.
    GlobusCredential newCred = factory.createCredential(cred.getCertificateChain(), cred.getPrivateKey(),
            512, 60 * 60, GSIConstants.GSI_3_RESTRICTED_PROXY, extSet, null);

    X509Certificate newCert = newCred.getCertificateChain()[0];

    verifyExtension(newCert, oid, expectedValue, critical);

    byte[] realValue = BouncyCastleUtil.getExtensionValue(newCert, ProxyCertInfo.OID.getId());
    assertTrue(realValue != null && realValue.length > 0);

    ProxyCertInfo proxyCertInfo = ProxyCertInfo.getInstance(realValue);
    assertTrue(proxyCertInfo != null);
    assertTrue(proxyCertInfo.getProxyPolicy() != null);
    assertEquals(policyOid, proxyCertInfo.getProxyPolicy().getPolicyLanguage().getId());
    assertEquals(policyValue, proxyCertInfo.getProxyPolicy().getPolicyAsString());
}
From source file:org.globus.gsi.bc.X500NameHelper.java
License:Apache License
/**
 * Creates an instance using existing {@link X500Name X500Name}
 * object.
 * This behaves like a copy constructor, except that the RDN array is passed
 * through {@code GlobusStyle.swap} first when {@code GlobusStyle.toRevert(name)}
 * reports true.
 *
 * @param name existing <code>X500Name</code>
 */
public X500NameHelper(X500Name name) {
    RDN[] components = name.getRDNs();

    boolean needsSwap = GlobusStyle.toRevert(name);
    if (needsSwap) {
        GlobusStyle.swap(components);
    }

    this.seq = new DERSequence(components);
}
From source file:org.globus.gsi.bc.X500NameHelper.java
License:Apache License
/**
 * Appends the specified OID and value pair name component to the end of the
 * current name.
 *
 * <p>The pair is encoded as a SEQUENCE of the OID and a PrintableString, wrapped in
 * a one-element SET, and handed to {@code add(ASN1Set)}.
 *
 * @param oid   the name component oid, e.g. {@link X500Name#CN
 *              X500Name.CN}
 * @param value the value (e.g. "proxy")
 * @return this helper, to allow chained calls
 */
public X500NameHelper add(ASN1ObjectIdentifier oid, String value) {
    ASN1EncodableVector attribute = new ASN1EncodableVector();
    attribute.add(oid);
    // NOTE(review): value is always encoded as a PrintableString and no character
    // check is made in this method -- confirm callers only pass values that fit the
    // PrintableString alphabet, otherwise the resulting name may not compare or
    // parse consistently across implementations.
    attribute.add(new DERPrintableString(value));

    DERSequence typeAndValue = new DERSequence(attribute);
    add(new DERSet(typeAndValue));
    return this;
}
From source file:org.globus.gsi.bc.X500NameHelper.java
License:Apache License
/**
 * Appends the specified name component entry to the current name. This can
 * be used to handle multiple AVAs in one name component.
 *
 * <p>{@code seq} is replaced by a new DER SEQUENCE holding the previous
 * elements followed by {@code entry}.
 *
 * @param entry the name component to add.
 * @return this helper, to allow chained calls
 */
public X500NameHelper add(ASN1Set entry) {
    ASN1EncodableVector components = new ASN1EncodableVector();

    // Carry over the existing components in their current order.
    for (int idx = 0, count = seq.size(); idx < count; idx++) {
        components.add(seq.getObjectAt(idx));
    }

    components.add(entry);
    seq = new DERSequence(components);
    return this;
}