List of usage examples for org.bouncycastle.asn1 DERSequence getObjectAt
public ASN1Encodable getObjectAt(int index)
From source file:org.demoiselle.signer.policy.engine.asn1.etsi.PolicyIssuerName.java
License:Open Source License
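/**
 * Populates this issuer name from its ASN.1 form.
 *
 * <p>Only a {@link DLSequence} whose first element is a {@link DERTaggedObject} is processed;
 * any other shape is ignored and leaves this object unchanged. The tagged content is read
 * either as a single octet string (stored in {@code issuerName}) or as a sequence of sets,
 * where the first member of each set is an (identifier, string) pair that is stored in
 * {@code issuerNames}.
 *
 * <p>The input is decoded data, so every index is bounds-checked before it is used: an empty
 * sequence or set, or a pair with fewer than two members, is skipped instead of raising
 * {@link ArrayIndexOutOfBoundsException}.
 *
 * @param primitive the decoded ASN.1 object to read
 */
@Override
public void parse(ASN1Primitive primitive) {
    if (!(primitive instanceof DLSequence)) {
        return;
    }
    DLSequence sequence = (DLSequence) primitive;
    if (sequence.size() < 1) {
        return;
    }
    ASN1Encodable first = sequence.getObjectAt(0);
    if (!(first instanceof DERTaggedObject)) {
        return;
    }
    ASN1Primitive object = ((DERTaggedObject) first).getObject();

    if (object instanceof DEROctetString) {
        OctetString octetString = new OctetString();
        octetString.parse(object);
        this.issuerName = octetString.getValueUTF8();
        return;
    }
    if (!(object instanceof DERSequence)) {
        return;
    }

    DERSequence nameParts = (DERSequence) object;
    for (int i = 0; i < nameParts.size(); i++) {
        ASN1Encodable obj = nameParts.getObjectAt(i);
        if (!(obj instanceof DERSet)) {
            continue;
        }
        DERSet set = (DERSet) obj;
        if (set.size() < 1) {
            continue;
        }
        // Only the first member of each set is read; further members are not looked at.
        ASN1Encodable member = set.getObjectAt(0);
        if (!(member instanceof DERSequence)) {
            continue;
        }
        DERSequence pair = (DERSequence) member;
        if (pair.size() < 2) {
            continue;
        }

        ObjectIdentifier objectIdentifier = new ObjectIdentifier();
        objectIdentifier.parse(pair.getObjectAt(0).toASN1Primitive());

        String name = null;
        ASN1Encodable value = pair.getObjectAt(1);
        if (value instanceof DERPrintableString) {
            name = ((DERPrintableString) value).getString();
        } else if (value instanceof DERUTF8String) {
            name = ((DERUTF8String) value).getString();
        } else {
            // NOTE(review): this prints the decoded value to stdout; consider the project
            // logger so that input-derived text does not end up on the console.
            System.out.println(policyMessagesBundle.getString("error.not.recognized.object",
                    value.getClass(), value.toString()));
        }

        if (this.issuerNames == null) {
            this.issuerNames = new HashMap<ObjectIdentifier, String>();
        }
        // An unrecognised string type is still recorded, with a null name.
        this.issuerNames.put(objectIdentifier, name);
    }
}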
From source file:org.deviceconnect.android.ssl.CertificateAuthority.java
License:MIT License
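/**
 * Extracts the Subject Alternative Names (SANs) requested in a certification request.
 *
 * <p>Looks through the request attributes for the attribute with OID
 * {@code 1.2.840.113549.1.9.14} (PKCS#9 extensionRequest), then for the extension with OID
 * {@code 2.5.29.17} (subjectAltName) inside it, and collects its dNSName and iPAddress
 * entries. Other GeneralName kinds are ignored. Attributes and extensions that do not have
 * exactly two members are skipped, so an extension that also carries the optional
 * {@code critical} flag is not read.
 *
 * <p>Malformed content is skipped rather than cast blindly: an extension value that is not an
 * octet string, or one that decodes to nothing, no longer raises {@link ClassCastException} or
 * {@link NullPointerException}.
 *
 * <p>NOTE(review): the names returned here are whatever the requester put in the CSR. Confirm
 * that the caller restricts them to names the requester is entitled to before they are copied
 * into an issued certificate.
 *
 * @param request the certification request to inspect
 * @return the requested names as {@link GeneralNames}, or {@code null} when the request
 *         carries no dNSName or iPAddress entry
 * @throws IOException if the extension value cannot be decoded
 */
private GeneralNames parseSANs(final PKCS10CertificationRequest request) throws IOException {
    List<ASN1Encodable> generalNames = new ArrayList<>();

    CertificationRequestInfo info = request.getCertificationRequestInfo();
    ASN1Set attributes = info.getAttributes();
    for (int i = 0; i < attributes.size(); i++) {
        DEREncodable extensionRequestObj = attributes.getObjectAt(i);
        if (!(extensionRequestObj instanceof DERSequence)) {
            continue;
        }
        DERSequence extensionRequest = (DERSequence) extensionRequestObj;
        if (extensionRequest.size() != 2) {
            continue;
        }
        DEREncodable idObj = extensionRequest.getObjectAt(0);
        DEREncodable contentObj = extensionRequest.getObjectAt(1);
        if (!(idObj instanceof ASN1ObjectIdentifier && contentObj instanceof DERSet)) {
            continue;
        }
        ASN1ObjectIdentifier id = (ASN1ObjectIdentifier) idObj;
        DERSet content = (DERSet) contentObj;
        if (!id.getId().equals("1.2.840.113549.1.9.14")) {
            continue;
        }
        if (content.size() < 1) {
            continue;
        }
        DEREncodable extensionsObj = content.getObjectAt(0);
        if (!(extensionsObj instanceof DERSequence)) {
            continue;
        }

        DERSequence extensions = (DERSequence) extensionsObj;
        for (int k = 0; k < extensions.size(); k++) {
            DEREncodable extensionObj = extensions.getObjectAt(k);
            if (!(extensionObj instanceof DERSequence)) {
                continue;
            }
            DERSequence extension = (DERSequence) extensionObj;
            if (extension.size() != 2) {
                continue;
            }
            DEREncodable extensionIdObj = extension.getObjectAt(0);
            DEREncodable extensionContentObj = extension.getObjectAt(1);
            if (!(extensionIdObj instanceof ASN1ObjectIdentifier)) {
                continue;
            }
            ASN1ObjectIdentifier extensionId = (ASN1ObjectIdentifier) extensionIdObj;
            if (!extensionId.getId().equals("2.5.29.17")) {
                continue;
            }
            // The value comes from the request, so check its type before casting.
            if (!(extensionContentObj instanceof DEROctetString)) {
                continue;
            }
            DEROctetString san = (DEROctetString) extensionContentObj;
            ASN1StreamParser sanParser = new ASN1StreamParser(san.parser().getOctetStream());
            DEREncodable parsedNames = sanParser.readObject();
            if (parsedNames == null) {
                // Empty extension value: nothing to read.
                continue;
            }
            DEREncodable namesObj = parsedNames.getDERObject();
            if (!(namesObj instanceof DERSequence)) {
                continue;
            }

            DERSequence names = (DERSequence) namesObj;
            for (int m = 0; m < names.size(); m++) {
                DEREncodable nameObj = names.getObjectAt(m);
                if (!(nameObj instanceof DERTaggedObject)) {
                    continue;
                }
                DERTaggedObject name = (DERTaggedObject) nameObj;
                switch (name.getTagNo()) {
                case GeneralName.dNSName:
                    generalNames.add(new GeneralName(GeneralName.dNSName,
                            DERIA5String.getInstance(name, false)));
                    break;
                case GeneralName.iPAddress:
                    generalNames.add(new GeneralName(GeneralName.iPAddress,
                            DEROctetString.getInstance(name, true)));
                    break;
                default:
                    // Any other GeneralName kind is not carried over.
                    break;
                }
            }
        }
    }

    if (!generalNames.isEmpty()) {
        return new GeneralNames(
                new DERSequence(generalNames.toArray(new ASN1Encodable[generalNames.size()])));
    }
    return null;
}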
From source file:org.ejbca.core.protocol.MSPKCS10RequestMessage.java
License:Open Source License
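/**
 * Returns the name of the Certificate Template, or null if not available or not known.
 *
 * <p>Reads the first value of the PKCS#9 extensionRequest attribute of {@code pkcs10} and
 * looks for the extension whose OID equals {@code szOID_ENROLL_CERTTYPE_EXTENSION}. The
 * extension value is taken from the last member of the extension sequence, so it is found
 * whether or not the optional {@code critical} flag precedes it. Entries whose members do not
 * have the expected type are skipped instead of raising {@link ClassCastException}.
 *
 * <p>NOTE(review): the template name is supplied by the requester. Presumably callers check
 * it against the templates the requester may use - confirm.
 *
 * @return the template name, or {@code null} when the request is not initialised, has no
 *         extension request, or carries no readable template extension
 */
public String getMSRequestInfoTemplateName() {
    if (pkcs10 == null) {
        log.error("PKCS10 not inited!");
        return null;
    }
    // Get attributes
    Attribute[] attributes = pkcs10.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    if (attributes.length == 0) {
        log.error("Cannot find request extension.");
        return null;
    }
    ASN1Set set = attributes[0].getAttrValues();
    if (set.size() == 0) {
        // An attribute without values would otherwise fail on getObjectAt(0).
        log.error("Cannot find request extension.");
        return null;
    }
    DERSequence seq = (DERSequence) DERSequence.getInstance(set.getObjectAt(0));
    Enumeration<?> enumeration = seq.getObjects();
    while (enumeration.hasMoreElements()) {
        DERSequence seq2 = (DERSequence) DERSequence.getInstance(enumeration.nextElement());
        if (seq2.size() < 2) {
            continue;
        }
        Object oidObj = seq2.getObjectAt(0);
        if (!(oidObj instanceof ASN1ObjectIdentifier)) {
            continue;
        }
        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) oidObj;
        if (!szOID_ENROLL_CERTTYPE_EXTENSION.equals(oid.getId())) {
            continue;
        }
        // The value is the last member; index 1 holds the critical flag when it is present.
        Object valueObj = seq2.getObjectAt(seq2.size() - 1);
        if (!(valueObj instanceof DEROctetString)) {
            continue;
        }
        DEROctetString dos = (DEROctetString) valueObj;
        try {
            ASN1InputStream dosAsn1InputStream = new ASN1InputStream(
                    new ByteArrayInputStream(dos.getOctets()));
            try {
                Object decoded = dosAsn1InputStream.readObject();
                if (decoded instanceof ASN1String) {
                    return ((ASN1String) decoded).getString();
                }
            } finally {
                dosAsn1InputStream.close();
            }
        } catch (IOException e) {
            log.error(e);
        }
    }
    return null;
}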
From source file:org.ejbca.core.protocol.MSPKCS10RequestMessage.java
License:Open Source License
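/**
 * Returns a String vector with known subject altnames:
 * [0] Requested GUID
 * [1] Requested DNS
 *
 * <p>Reads the first value of the PKCS#9 extensionRequest attribute of {@code pkcs10} and
 * looks for the extension with OID {@code 2.5.29.17}. The extension value is taken from the
 * last member of the extension sequence, so it is found whether or not the optional
 * {@code critical} flag is present (a fixed index of 2 fails on a two-member extension).
 * Members that do not have the expected type are skipped instead of raising
 * {@link ClassCastException}, the stream is closed on every path, and the DNS name is decoded
 * as US-ASCII rather than with the platform default charset.
 *
 * <p>NOTE(review): both values are supplied by the requester; presumably callers validate
 * them before they are used for issuance - confirm.
 *
 * @return a two-element array; an entry stays {@code null} when the request does not carry it
 */
public String[] getMSRequestInfoSubjectAltnames() {
    String[] ret = new String[2]; // GUID, DNS so far..
    if (pkcs10 == null) {
        log.error("PKCS10 not inited!");
        return ret;
    }
    // Get attributes
    Attribute[] attributes = pkcs10.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    if (attributes.length == 0) {
        return ret;
    }
    ASN1Set set = attributes[0].getAttrValues();
    if (set.size() == 0) {
        return ret;
    }
    DERSequence seq = (DERSequence) DERSequence.getInstance(set.getObjectAt(0));
    Enumeration<?> enumeration = seq.getObjects();
    while (enumeration.hasMoreElements()) {
        DERSequence seq2 = (DERSequence) DERSequence.getInstance(enumeration.nextElement());
        if (seq2.size() < 2) {
            continue;
        }
        Object oidObj = seq2.getObjectAt(0);
        if (!(oidObj instanceof ASN1ObjectIdentifier)
                || !"2.5.29.17".equals(((ASN1ObjectIdentifier) oidObj).getId())) { // SubjectAN
            continue;
        }
        Object valueObj = seq2.getObjectAt(seq2.size() - 1);
        if (!(valueObj instanceof DEROctetString)) {
            continue;
        }
        DEROctetString dos = (DEROctetString) valueObj;
        try {
            ASN1InputStream ais = new ASN1InputStream(new ByteArrayInputStream(dos.getOctets()));
            try {
                while (ais.available() > 0) {
                    Object namesObj = ais.readObject();
                    if (namesObj == null) {
                        break;
                    }
                    if (!(namesObj instanceof DERSequence)) {
                        continue;
                    }
                    Enumeration<?> enum1 = ((DERSequence) namesObj).getObjects();
                    while (enum1.hasMoreElements()) {
                        Object entry = enum1.nextElement();
                        if (!(entry instanceof DERTaggedObject)) {
                            continue;
                        }
                        DERTaggedObject dto = (DERTaggedObject) entry;
                        if (dto.getTagNo() == 0) {
                            // Sequence of OIDs and tagged objects
                            Object otherName = dto.getObject();
                            if (!(otherName instanceof DERSequence)) {
                                continue;
                            }
                            DERSequence ds = (DERSequence) otherName;
                            if (ds.size() < 2 || !(ds.getObjectAt(0) instanceof ASN1ObjectIdentifier)) {
                                continue;
                            }
                            ASN1ObjectIdentifier doid = (ASN1ObjectIdentifier) ds.getObjectAt(0);
                            if (OID_GUID.equals(doid.getId())
                                    && ds.getObjectAt(1) instanceof DERTaggedObject) {
                                Object guid = ((DERTaggedObject) ds.getObjectAt(1)).getObject();
                                if (guid instanceof DEROctetString) {
                                    DEROctetString dos3 = (DEROctetString) guid;
                                    ret[0] = dos3.toString().substring(1); // Removes the initial #-sign
                                }
                            }
                        } else if (dto.getTagNo() == 2) {
                            // DNS
                            Object dns = dto.getObject();
                            if (dns instanceof DEROctetString) {
                                // dNSName is an IA5String, so decode it as ASCII on every platform.
                                ret[1] = new String(((DEROctetString) dns).getOctets(), "US-ASCII");
                            }
                        }
                    }
                }
            } finally {
                ais.close();
            }
        } catch (IOException e) {
            log.error(e);
        }
    }
    return ret;
}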
From source file:org.glite.security.util.proxy.ProxyCertificateGenerator.java
License:Apache License
/**
 * Chooses the CN for a new proxy from the last RDN of the given DN. See generateDN for the
 * logic.
 *
 * <p>If the last RDN is a CN equal to {@code "proxy"} or {@code "limited proxy"}, the result
 * is again one of those two literal strings; in every other case the result is the string
 * form of {@code getSerialNumber()}.
 *
 * <p>Only the first attribute of the last RDN is examined, and the DN is assumed to hold at
 * least one RDN.
 *
 * @param basename the DN the guess is based on.
 * @param addLimited whether the new proxy is to be limited; only consulted when the last CN
 *        is {@code "proxy"}.
 * @return the new CN string.
 */
private String guessCN(X509Name basename, boolean addLimited) {
    ASN1Sequence rdnList = (ASN1Sequence) basename.getDERObject();
    DERSet lastRdn = (DERSet) rdnList.getObjectAt(rdnList.size() - 1);
    DERSequence attribute = (DERSequence) lastRdn.getObjectAt(0);
    DERObjectIdentifier attributeType = (DERObjectIdentifier) attribute.getObjectAt(0);

    if (!attributeType.equals(X509Name.CN)) {
        // The DN does not end with a CN: assume a new style proxy.
        return getSerialNumber().toString();
    }

    String lastCn = attribute.getObjectAt(1).toString();
    if (lastCn.equals("proxy")) {
        // Old style unlimited proxy: the new one is limited only when asked for.
        return addLimited ? "limited proxy" : "proxy";
    }
    if (lastCn.equals("limited proxy")) {
        // Old style limited proxy: the new one is old style limited too.
        return "limited proxy";
    }
    // Anything else: use a newly obtained serial number as the CN.
    return getSerialNumber().toString();
}
From source file:org.hyperledger.common.ECKeyPairTest.java
License:Apache License
/**
 * Signs {@code MESSAGE} with 1000 freshly created keys and checks, for each signature, that
 * it verifies under the matching public key and that the second integer of the DER-encoded
 * signature passes {@code isCanonical}.
 *
 * <p>NOTE(review): presumably {@code isCanonical} accepts only the low-S form, so that a
 * signature has a single accepted encoding - confirm against its definition.
 */
@Test
public void testMalleableSignature() throws Exception {
    int round = 0;
    while (round < 1000) {
        PrivateKey key = PrivateKey.createNew(true);
        byte[] signature = key.sign(MESSAGE.getBytes());

        // The signature is a DER sequence; its element at index 1 is read as the value s.
        ASN1StreamParser parser = new ASN1StreamParser(signature);
        DERSequence signatureParts = (DERSequence) parser.readObject().toASN1Primitive();
        ASN1Integer sPart = (ASN1Integer) signatureParts.getObjectAt(1);
        BigInteger s = sPart.getPositiveValue();

        boolean verified = key.getPublic().verify(MESSAGE.getBytes(), signature);
        assertTrue(verified);

        String failureText = String.format("Signature is not canonical for iteration %d key %s", round, key);
        assertTrue(failureText, isCanonical(s));

        round++;
    }
}
From source file:org.identityconnectors.racf.BouncyCastlePEUtilities.java
License:Open Source License
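/**
 * Extracts the password carried in an ASN.1 envelope.
 *
 * <p>Reads top-level objects from {@code envelope} until it finds a sequence that starts with
 * the OID {@code 1.2.840.113549.1.7.1} and whose second member is a tagged octet string. That
 * octet string is decoded in turn, and the UTF-8 string at index 2 of the resulting sequence
 * is returned.
 *
 * <p>The inner object is type- and size-checked before it is used, so an unexpected shape
 * yields {@code null} instead of a {@link ClassCastException}, {@link NullPointerException}
 * or {@link ArrayIndexOutOfBoundsException}, and the open stream is closed on every exit
 * path.
 *
 * <p>The result is a secret held in an immutable {@code String}; callers should keep it out
 * of logs and exception messages.
 *
 * @param envelope the encoded envelope
 * @return the password, or {@code null} when the envelope does not contain one in the
 *         expected place
 * @throws ConnectorException wrapping any {@link IOException} raised while decoding
 */
public String getPassword(byte[] envelope) {
    ASN1InputStream aIn = null;
    try {
        aIn = new ASN1InputStream(envelope);
        Object o = null;
        DEROctetString oString = null;
        while ((o = aIn.readObject()) != null) {
            if (!(o instanceof DERSequence)) {
                continue;
            }
            // identifier (1.2.840.113549.1.7.1)
            DERSequence seq = (DERSequence) o;
            if (seq.size() >= 2 && seq.getObjectAt(0) instanceof DERObjectIdentifier
                    && "1.2.840.113549.1.7.1".equals(((DERObjectIdentifier) seq.getObjectAt(0)).getId())) {
                if (seq.getObjectAt(1) instanceof DERTaggedObject
                        && ((DERTaggedObject) seq.getObjectAt(1)).getObject() instanceof DEROctetString) {
                    oString = (DEROctetString) ((DERTaggedObject) seq.getObjectAt(1)).getObject();
                    break;
                }
            }
        }
        aIn.close();
        aIn = null;

        String pw = null;
        if (oString != null) {
            aIn = new ASN1InputStream(oString.getOctets());
            Object inner = aIn.readObject();
            if (inner instanceof DERSequence) {
                DERSequence seq = (DERSequence) inner;
                // Index 2 is only read when the sequence is long enough to have it.
                if (seq.size() > 2 && seq.getObjectAt(2) instanceof DERUTF8String) {
                    pw = ((DERUTF8String) seq.getObjectAt(2)).getString();
                }
            }
        }
        return pw;
    } catch (IOException e) {
        throw ConnectorException.wrap(e);
    } finally {
        if (aIn != null) {
            try {
                aIn.close();
            } catch (IOException ignored) {
                // Best effort: a failure to close must not hide the result or the first error.
            }
        }
    }
}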
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
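/**
 * Reads a certificate with optional auxiliary data from a Base64 text block.
 *
 * <p>Lines are collected, trimmed, until one contains {@code endMarker}. The decoded bytes
 * are read as two consecutive ASN.1 objects: the certificate, and an optional auxiliary
 * sequence from which trust OIDs, reject OIDs (tag 0), an alias, a key id and other entries
 * (tag 1) are taken in that order.
 *
 * <p>The auxiliary sequence is a separate object that follows the certificate, so it is not
 * part of what the certificate's signature covers; the trust and reject settings are only as
 * trustworthy as the file they were read from.
 *
 * @param in the reader positioned after the block's begin line
 * @param endMarker the text that marks the end of the block
 * @return the certificate together with its auxiliary data; the auxiliary part is
 *         {@code null} when the block holds only a certificate
 * @throws IOException if the end marker is missing, the block is empty, or the content cannot
 *         be parsed; the original failure is kept as the cause
 */
private X509AuxCertificate readAuxCertificate(BufferedReader in, String endMarker) throws IOException {
    String line;
    StringBuilder buf = new StringBuilder();
    while ((line = in.readLine()) != null) {
        if (line.contains(endMarker)) {
            break;
        }
        buf.append(line.trim());
    }
    if (line == null) {
        throw new IOException(endMarker + " not found");
    }

    ASN1InputStream try1 = new ASN1InputStream(Base64.decode(buf.toString()));
    DERObject certObject = try1.readObject();
    if (certObject == null) {
        // An empty block would otherwise surface as a NullPointerException.
        throw new IOException("problem parsing cert: no ASN.1 object before " + endMarker);
    }
    ByteArrayInputStream bIn = new ByteArrayInputStream(certObject.getEncoded());

    try {
        CertificateFactory certFact = CertificateFactory.getInstance("X.509");
        X509Certificate bCert = (X509Certificate) certFact.generateCertificate(bIn);
        DERSequence aux = (DERSequence) try1.readObject();
        X509Aux ax = null;
        if (aux != null) {
            ax = new X509Aux();
            // ix moves forward only when the member at that position has the expected type.
            int ix = 0;
            if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERSequence) {
                DERSequence trust = (DERSequence) aux.getObjectAt(ix++);
                for (int i = 0; i < trust.size(); i++) {
                    ax.trust.add(((DERObjectIdentifier) trust.getObjectAt(i)).getId());
                }
            }
            if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERTaggedObject
                    && ((DERTaggedObject) aux.getObjectAt(ix)).getTagNo() == 0) {
                DERSequence reject = (DERSequence) ((DERTaggedObject) aux.getObjectAt(ix++)).getObject();
                for (int i = 0; i < reject.size(); i++) {
                    ax.reject.add(((DERObjectIdentifier) reject.getObjectAt(i)).getId());
                }
            }
            if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERUTF8String) {
                ax.alias = ((DERUTF8String) aux.getObjectAt(ix++)).getString();
            }
            if (aux.size() > ix && aux.getObjectAt(ix) instanceof DEROctetString) {
                ax.keyid = ((DEROctetString) aux.getObjectAt(ix++)).getOctets();
            }
            if (aux.size() > ix && aux.getObjectAt(ix) instanceof DERTaggedObject
                    && ((DERTaggedObject) aux.getObjectAt(ix)).getTagNo() == 1) {
                DERSequence other = (DERSequence) ((DERTaggedObject) aux.getObjectAt(ix++)).getObject();
                for (int i = 0; i < other.size(); i++) {
                    ax.other.add((DERObject) (other.getObjectAt(i)));
                }
            }
        }
        return new X509AuxCertificate(bCert, ax);
    } catch (Exception e) {
        // Keep the original exception as the cause so the failing step stays visible.
        IOException wrapped = new IOException("problem parsing cert: " + e.toString());
        wrapped.initCause(e);
        throw wrapped;
    }
}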
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
/**
 * Builds an RSA private key from an encoded sequence of nine integers.
 *
 * <p>The members at index 1 to 8 are passed, in order, to {@link RSAPrivateCrtKeySpec} as
 * modulus, public exponent, private exponent, prime P, prime Q, prime exponent P, prime
 * exponent Q and CRT coefficient. The member at index 0 is not read. This matches the layout
 * of a PKCS#1 RSAPrivateKey, where index 0 is the version.
 *
 * @param input the encoded key, converted to bytes with {@code ByteList.plain}
 * @return the private key, or {@code null} when the sequence does not have exactly nine
 *         members
 * @throws IOException if the input cannot be decoded
 * @throws GeneralSecurityException if the key factory is unavailable or rejects the values
 */
@Override
public PrivateKey readRSAPrivateKey(String input) throws IOException, GeneralSecurityException {
    KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
    DERSequence fields = (DERSequence) (new ASN1InputStream(ByteList.plain(input)).readObject());
    if (fields.size() != 9) {
        return null;
    }

    // Slot 0 stays unused so the array index equals the position in the sequence.
    BigInteger[] parts = new BigInteger[9];
    for (int position = 1; position < parts.length; position++) {
        parts[position] = ((DERInteger) fields.getObjectAt(position)).getValue();
    }

    RSAPrivateCrtKeySpec keySpec = new RSAPrivateCrtKeySpec(
            parts[1], parts[2], parts[3], parts[4], parts[5], parts[6], parts[7], parts[8]);
    return rsaFactory.generatePrivate(keySpec);
}
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
/**
 * Builds an RSA public key from an encoded sequence of two integers.
 *
 * <p>The member at index 0 is used as the modulus and the member at index 1 as the public
 * exponent.
 *
 * @param input the encoded key, converted to bytes with {@code ByteList.plain}
 * @return the public key, or {@code null} when the sequence does not have exactly two members
 * @throws IOException if the input cannot be decoded
 * @throws GeneralSecurityException if the key factory is unavailable or rejects the values
 */
@Override
public PublicKey readRSAPublicKey(String input) throws IOException, GeneralSecurityException {
    KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
    DERSequence fields = (DERSequence) (new ASN1InputStream(ByteList.plain(input)).readObject());
    if (fields.size() != 2) {
        return null;
    }

    BigInteger modulus = ((DERInteger) fields.getObjectAt(0)).getValue();
    BigInteger publicExponent = ((DERInteger) fields.getObjectAt(1)).getValue();
    RSAPublicKeySpec keySpec = new RSAPublicKeySpec(modulus, publicExponent);
    return rsaFactory.generatePublic(keySpec);
}