Example 26 with ASN1ObjectIdentifier
use of com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier in project robovm by robovm.
the class X509CertificateObject method getNonCriticalExtensionOIDs.
public Set getNonCriticalExtensionOIDs() {
if (this.getVersion() == 3) {
Set set = new HashSet();
Extensions extensions = c.getTBSCertificate().getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
Extension ext = extensions.getExtension(oid);
if (!ext.isCritical()) {
set.add(oid.getId());
}
}
return set;
}
}
return null;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
VerisignCzagExtension(org.bouncycastle.asn1.misc.VerisignCzagExtension)
Set(java.util.Set)
HashSet(java.util.HashSet)
Enumeration(java.util.Enumeration)
Extensions(org.bouncycastle.asn1.x509.Extensions)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
HashSet(java.util.HashSet)
Example 27 with ASN1ObjectIdentifier
use of com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier in project robovm by robovm.
the class X509CertificateObject method hasUnsupportedCriticalExtension.
public boolean hasUnsupportedCriticalExtension() {
if (this.getVersion() == 3) {
Extensions extensions = c.getTBSCertificate().getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
String oidId = oid.getId();
if (oidId.equals(RFC3280CertPathUtilities.KEY_USAGE) || oidId.equals(RFC3280CertPathUtilities.CERTIFICATE_POLICIES) || oidId.equals(RFC3280CertPathUtilities.POLICY_MAPPINGS) || oidId.equals(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY) || oidId.equals(RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS) || oidId.equals(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT) || oidId.equals(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR) || oidId.equals(RFC3280CertPathUtilities.POLICY_CONSTRAINTS) || oidId.equals(RFC3280CertPathUtilities.BASIC_CONSTRAINTS) || oidId.equals(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME) || oidId.equals(RFC3280CertPathUtilities.NAME_CONSTRAINTS)) {
continue;
}
Extension ext = extensions.getExtension(oid);
if (ext.isCritical()) {
return true;
}
}
}
}
return false;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
VerisignCzagExtension(org.bouncycastle.asn1.misc.VerisignCzagExtension)
Enumeration(java.util.Enumeration)
DERBitString(org.bouncycastle.asn1.DERBitString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
ASN1String(org.bouncycastle.asn1.ASN1String)
Extensions(org.bouncycastle.asn1.x509.Extensions)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 28 with ASN1ObjectIdentifier
use of com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier in project android_frameworks_base by crdroidandroid.
the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.
@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
ASN1ObjectIdentifier sigAlgOid;
AlgorithmIdentifier sigAlgId;
byte[] signature;
switch(mKeymasterAlgorithm) {
case KeymasterDefs.KM_ALGORITHM_EC:
sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
sigAlgId = new AlgorithmIdentifier(sigAlgOid);
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(new DERInteger(0));
signature = new DERSequence().getEncoded();
break;
case KeymasterDefs.KM_ALGORITHM_RSA:
sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
signature = new byte[1];
break;
default:
throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
}
try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
}
tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
tbsGenerator.setSubject(subject);
tbsGenerator.setIssuer(subject);
tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
tbsGenerator.setSignature(sigAlgId);
TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
ASN1EncodableVector result = new ASN1EncodableVector();
result.add(tbsCertificate);
result.add(sigAlgId);
result.add(new DERBitString(signature));
return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}
Also used :
ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream)
ProviderException(java.security.ProviderException)
Time(com.android.org.bouncycastle.asn1.x509.Time)
DERBitString(com.android.org.bouncycastle.asn1.DERBitString)
ASN1Integer(com.android.org.bouncycastle.asn1.ASN1Integer)
AlgorithmIdentifier(com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DERInteger(com.android.org.bouncycastle.asn1.DERInteger)
DERSequence(com.android.org.bouncycastle.asn1.DERSequence)
X509CertificateObject(com.android.org.bouncycastle.jce.provider.X509CertificateObject)
X509Principal(com.android.org.bouncycastle.jce.X509Principal)
ASN1EncodableVector(com.android.org.bouncycastle.asn1.ASN1EncodableVector)
V3TBSCertificateGenerator(com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator)
TBSCertificate(com.android.org.bouncycastle.asn1.x509.TBSCertificate)
ASN1ObjectIdentifier(com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 29 with ASN1ObjectIdentifier
use of com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier in project gitblit by gitblit.
the class X509Utils method setOID.
private static void setOID(X500NameBuilder dnBuilder, X509Metadata metadata, String oid, String defaultValue) {
String value = null;
if (metadata.oids != null && metadata.oids.containsKey(oid)) {
value = metadata.oids.get(oid);
}
if (StringUtils.isEmpty(value)) {
value = defaultValue;
}
if (!StringUtils.isEmpty(value)) {
try {
Field field = BCStyle.class.getField(oid);
ASN1ObjectIdentifier objectId = (ASN1ObjectIdentifier) field.get(null);
dnBuilder.addRDN(objectId, value);
} catch (Exception e) {
logger.error(MessageFormat.format("Failed to set OID \"{0}\"!", oid), e);
}
}
}
Also used :
Field(java.lang.reflect.Field)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
IOException(java.io.IOException)
Example 30 with ASN1ObjectIdentifier
use of com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier in project robovm by robovm.
the class CMSSignedData method getSignerInfos.
/**
* return the collection of signers that are associated with the
* signatures for the message.
*/
public SignerInformationStore getSignerInfos() {
if (signerInfoStore == null) {
ASN1Set s = signedData.getSignerInfos();
List signerInfos = new ArrayList();
SignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
for (int i = 0; i != s.size(); i++) {
SignerInfo info = SignerInfo.getInstance(s.getObjectAt(i));
ASN1ObjectIdentifier contentType = signedData.getEncapContentInfo().getContentType();
if (hashes == null) {
signerInfos.add(new SignerInformation(info, contentType, signedContent, null));
} else {
Object obj = hashes.keySet().iterator().next();
byte[] hash = (obj instanceof String) ? (byte[]) hashes.get(info.getDigestAlgorithm().getAlgorithm().getId()) : (byte[]) hashes.get(info.getDigestAlgorithm().getAlgorithm());
signerInfos.add(new SignerInformation(info, contentType, null, hash));
}
}
signerInfoStore = new SignerInformationStore(signerInfos);
}
return signerInfoStore;
}
Also used :
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
SignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.SignatureAlgorithmIdentifierFinder)
ArrayList(java.util.ArrayList)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
SignerInfo(org.bouncycastle.asn1.cms.SignerInfo)
ASN1Set(org.bouncycastle.asn1.ASN1Set)
ArrayList(java.util.ArrayList)
List(java.util.List)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Aggregations
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)55
Enumeration (java.util.Enumeration)23
Extension (org.bouncycastle.asn1.x509.Extension)17
Extensions (org.bouncycastle.asn1.x509.Extensions)17
IOException (java.io.IOException)16
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)14
ASN1String (org.bouncycastle.asn1.ASN1String)12
DEROctetString (org.bouncycastle.asn1.DEROctetString)12
HashSet (java.util.HashSet)11
Set (java.util.Set)11
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)10
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)10
CertificateEncodingException (java.security.cert.CertificateEncodingException)9
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)8
ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)8
DERSequence (org.bouncycastle.asn1.DERSequence)8
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)8
DERBitString (org.bouncycastle.asn1.DERBitString)7
DERIA5String (org.bouncycastle.asn1.DERIA5String)7
DERUniversalString (org.bouncycastle.asn1.DERUniversalString)7
