Example 1 with Asn1OpaqueObject

Use of com.android.apksig.internal.asn1.Asn1OpaqueObject in project apksig by venshine.

Class Asn1BerParser, method parseSetOf.

// NOTE: This method returns List rather than Set because ASN.1 SET_OF does not require
// uniqueness of elements -- it's an unordered collection.
@SuppressWarnings("unchecked")
private static <T> List<T> parseSetOf(BerDataValue container, Class<T> elementClass) throws Asn1DecodingException {
    List<T> result = new ArrayList<>();
    BerDataValueReader elementsReader = container.contentsReader();
    while (true) {
        BerDataValue dataValue;
        try {
            dataValue = elementsReader.readDataValue();
        } catch (BerDataValueFormatException e) {
            throw new Asn1DecodingException("Malformed data value", e);
        }
        if (dataValue == null) {
            break;
        }
        T element;
        if (ByteBuffer.class.equals(elementClass)) {
            element = (T) dataValue.getEncodedContents();
        } else if (Asn1OpaqueObject.class.equals(elementClass)) {
            element = (T) new Asn1OpaqueObject(dataValue.getEncoded());
        } else {
            element = parse(dataValue, elementClass);
        }
        result.add(element);
    }
    return result;
}
Also used : BerDataValue(com.android.apksig.internal.asn1.ber.BerDataValue) BerDataValueFormatException(com.android.apksig.internal.asn1.ber.BerDataValueFormatException) ArrayList(java.util.ArrayList) ByteBufferBerDataValueReader(com.android.apksig.internal.asn1.ber.ByteBufferBerDataValueReader) BerDataValueReader(com.android.apksig.internal.asn1.ber.BerDataValueReader)

Example 2 with Asn1OpaqueObject

Use of com.android.apksig.internal.asn1.Asn1OpaqueObject in project apksig by venshine.

Class Certificate, method parseCertificates.

public static List<X509Certificate> parseCertificates(List<Asn1OpaqueObject> encodedCertificates) throws CertificateException {
    if (encodedCertificates.isEmpty()) {
        return Collections.emptyList();
    }
    List<X509Certificate> result = new ArrayList<>(encodedCertificates.size());
    for (int i = 0; i < encodedCertificates.size(); i++) {
        Asn1OpaqueObject encodedCertificate = encodedCertificates.get(i);
        X509Certificate certificate;
        byte[] encodedForm = ByteBufferUtils.toByteArray(encodedCertificate.getEncoded());
        try {
            certificate = X509CertificateUtils.generateCertificate(encodedForm);
        } catch (CertificateException e) {
            throw new CertificateException("Failed to parse certificate #" + (i + 1), e);
        }
        // Wrap the cert so that the result's getEncoded returns exactly the original
        // encoded form. Without this, getEncoded may return a different form from what was
        // stored in the signature. This is because some X509Certificate(Factory)
        // implementations re-encode certificates and/or some implementations of
        // X509Certificate.getEncoded() re-encode certificates.
        certificate = new GuaranteedEncodedFormX509Certificate(certificate, encodedForm);
        result.add(certificate);
    }
    return result;
}
Also used : GuaranteedEncodedFormX509Certificate(com.android.apksig.internal.util.GuaranteedEncodedFormX509Certificate) ArrayList(java.util.ArrayList) CertificateException(java.security.cert.CertificateException) Asn1OpaqueObject(com.android.apksig.internal.asn1.Asn1OpaqueObject) X509Certificate(java.security.cert.X509Certificate)

Example 3 with Asn1OpaqueObject

Use of com.android.apksig.internal.asn1.Asn1OpaqueObject in project apksig by venshine.

Class ApkSigningBlockUtils, method generatePkcs7DerEncodedMessage.

/**
 * Wrap the signature according to CMS PKCS #7 RFC 5652.
 * The high-level simplified structure is as follows:
 * // ContentInfo
 * //   digestAlgorithm
 * //   SignedData
 * //     bag of certificates
 * //     SignerInfo
 * //       signing cert issuer and serial number (for locating the cert in the above bag)
 * //       digestAlgorithm
 * //       signatureAlgorithm
 * //       signature
 *
 * @throws Asn1EncodingException if the ASN.1 structure could not be encoded
 */
public static byte[] generatePkcs7DerEncodedMessage(byte[] signatureBytes, ByteBuffer data, List<X509Certificate> signerCerts, AlgorithmIdentifier digestAlgorithmId, AlgorithmIdentifier signatureAlgorithmId) throws Asn1EncodingException, CertificateEncodingException {
    SignerInfo signerInfo = new SignerInfo();
    signerInfo.version = 1;
    X509Certificate signingCert = signerCerts.get(0);
    X500Principal signerCertIssuer = signingCert.getIssuerX500Principal();
    signerInfo.sid = new SignerIdentifier(new IssuerAndSerialNumber(new Asn1OpaqueObject(signerCertIssuer.getEncoded()), signingCert.getSerialNumber()));
    signerInfo.digestAlgorithm = digestAlgorithmId;
    signerInfo.signatureAlgorithm = signatureAlgorithmId;
    signerInfo.signature = ByteBuffer.wrap(signatureBytes);
    SignedData signedData = new SignedData();
    signedData.certificates = new ArrayList<>(signerCerts.size());
    for (X509Certificate cert : signerCerts) {
        signedData.certificates.add(new Asn1OpaqueObject(cert.getEncoded()));
    }
    signedData.version = 1;
    signedData.digestAlgorithms = Collections.singletonList(digestAlgorithmId);
    signedData.encapContentInfo = new EncapsulatedContentInfo(Pkcs7Constants.OID_DATA);
    // If data is not null, data will be embedded as is in the result -- an attached PKCS #7
    signedData.encapContentInfo.content = data;
    signedData.signerInfos = Collections.singletonList(signerInfo);
    ContentInfo contentInfo = new ContentInfo();
    contentInfo.contentType = Pkcs7Constants.OID_SIGNED_DATA;
    contentInfo.content = new Asn1OpaqueObject(Asn1DerEncoder.encode(signedData));
    return Asn1DerEncoder.encode(contentInfo);
}
Also used : IssuerAndSerialNumber(com.android.apksig.internal.pkcs7.IssuerAndSerialNumber) SignerInfo(com.android.apksig.internal.pkcs7.SignerInfo) SignedData(com.android.apksig.internal.pkcs7.SignedData) ContentInfo(com.android.apksig.internal.pkcs7.ContentInfo) EncapsulatedContentInfo(com.android.apksig.internal.pkcs7.EncapsulatedContentInfo) X500Principal(javax.security.auth.x500.X500Principal) SignerIdentifier(com.android.apksig.internal.pkcs7.SignerIdentifier) Asn1OpaqueObject(com.android.apksig.internal.asn1.Asn1OpaqueObject) X509Certificate(java.security.cert.X509Certificate) GuaranteedEncodedFormX509Certificate(com.android.apksig.internal.util.GuaranteedEncodedFormX509Certificate)

Aggregations

Asn1OpaqueObject (com.android.apksig.internal.asn1.Asn1OpaqueObject): 2
GuaranteedEncodedFormX509Certificate (com.android.apksig.internal.util.GuaranteedEncodedFormX509Certificate): 2
X509Certificate (java.security.cert.X509Certificate): 2
ArrayList (java.util.ArrayList): 2
BerDataValue (com.android.apksig.internal.asn1.ber.BerDataValue): 1
BerDataValueFormatException (com.android.apksig.internal.asn1.ber.BerDataValueFormatException): 1
BerDataValueReader (com.android.apksig.internal.asn1.ber.BerDataValueReader): 1
ByteBufferBerDataValueReader (com.android.apksig.internal.asn1.ber.ByteBufferBerDataValueReader): 1
ContentInfo (com.android.apksig.internal.pkcs7.ContentInfo): 1
EncapsulatedContentInfo (com.android.apksig.internal.pkcs7.EncapsulatedContentInfo): 1
IssuerAndSerialNumber (com.android.apksig.internal.pkcs7.IssuerAndSerialNumber): 1
SignedData (com.android.apksig.internal.pkcs7.SignedData): 1
SignerIdentifier (com.android.apksig.internal.pkcs7.SignerIdentifier): 1
SignerInfo (com.android.apksig.internal.pkcs7.SignerInfo): 1
CertificateException (java.security.cert.CertificateException): 1
X500Principal (javax.security.auth.x500.X500Principal): 1