
Example 76 with ASN1Encodable

use of com.github.zhenwei.core.asn1.ASN1Encodable in project xades4j by luisgoncalves.

the class SignerSpecificTest method data.

/**
 * Supplies the parameter sets for this parameterized test class.
 *
 * <p>Each entry is a one-element array wrapping one of the {@code NATIONAL_DN_*} constants in an
 * ASN.1 string type, so the tests run once for every script/string-type combination: Cyrillic
 * and Arabic, each as BMPString and as UTF8String.
 *
 * @return the four single-element parameter arrays, in the order Cyrillic/BMP, Cyrillic/UTF8,
 *         Arabic/BMP, Arabic/UTF8
 */
@Parameterized.Parameters
public static Collection<ASN1Encodable[]> data() {
    Collection<ASN1Encodable[]> parameterSets = new ArrayList<>();

    // Cyrillic value, once per ASN.1 string type.
    parameterSets.add(new ASN1Encodable[] { new DERBMPString(NATIONAL_DN_CYRILLIC) });
    parameterSets.add(new ASN1Encodable[] { new DERUTF8String(NATIONAL_DN_CYRILLIC) });

    // Arabic value, once per ASN.1 string type.
    parameterSets.add(new ASN1Encodable[] { new DERBMPString(NATIONAL_DN_ARABIC) });
    parameterSets.add(new ASN1Encodable[] { new DERUTF8String(NATIONAL_DN_ARABIC) });

    return parameterSets;
}
Also used : DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERBMPString(org.bouncycastle.asn1.DERBMPString) ArrayList(java.util.ArrayList) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)

Example 77 with ASN1Encodable

use of com.github.zhenwei.core.asn1.ASN1Encodable in project certmgr by hdecarne.

the class PKCS10CertificateRequest method fromPKCS10.

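/**
 * Construct {@code PKCS10CertificateRequest} from a PKCS#10 object.
 *
 * <p>Reads the request's subject and public key and collects every extension carried in a PKCS#9
 * {@code extensionRequest} attribute into one of two maps, keyed by extension OID, according to
 * its critical flag. If the same OID occurs more than once, the last occurrence wins.
 *
 * <p>All decoded values come from the request itself and are therefore requester-controlled.
 * This method does not check the request's signature.
 * NOTE(review): confirm that callers verify the CSR signature before acting on the decoded
 * subject, key or extensions.
 *
 * @param pkcs10 The PKCS#10 object.
 * @return The constructed {@code PKCS10CertificateRequest}.
 * @throws IOException if an I/O error occurs while accessing the PKCS#10 object.
 */
public static PKCS10CertificateRequest fromPKCS10(PKCS10CertificationRequest pkcs10) throws IOException {
    JcaPKCS10CertificationRequest csr;
    X500Principal subject;
    PublicKey publicKey;
    Map<String, byte[]> criticalExtensions = new HashMap<>();
    Map<String, byte[]> nonCriticalExtensions = new HashMap<>();
    try {
        // Reuse the JCA view when the caller already supplies one; otherwise wrap the request.
        if (pkcs10 instanceof JcaPKCS10CertificationRequest) {
            csr = (JcaPKCS10CertificationRequest) pkcs10;
        } else {
            csr = new JcaPKCS10CertificationRequest(pkcs10);
        }
        subject = new X500Principal(csr.getSubject().getEncoded());
        publicKey = csr.getPublicKey();
        Attribute[] extensionAttributes = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
        if (extensionAttributes != null) {
            for (Attribute extensionAttribute : extensionAttributes) {
                ASN1Encodable[] values = extensionAttribute.getAttributeValues();
                if (values == null) {
                    continue;
                }
                for (ASN1Encodable value : values) {
                    // Each attribute value is a sequence of extensions of any length.
                    ASN1Primitive[] extensionPrimitives = decodeSequence(value.toASN1Primitive(), 0, Integer.MAX_VALUE);
                    for (ASN1Primitive extensionPrimitive : extensionPrimitives) {
                        // An extension has 2 elements (OID, value) or 3 (OID, critical, value).
                        ASN1Primitive[] sequence = decodeSequence(extensionPrimitive, 2, 3);
                        String extensionOID = decodePrimitive(sequence[0], ASN1ObjectIdentifier.class).getId();
                        // RFC 5280 defines "critical BOOLEAN DEFAULT FALSE", and DER omits
                        // default values, so a two-element extension is non-critical. Defaulting
                        // to true here would file every such extension as critical.
                        boolean criticalFlag = false;
                        byte[] extensionData;
                        if (sequence.length == 3) {
                            criticalFlag = decodePrimitive(sequence[1], ASN1Boolean.class).isTrue();
                            extensionData = sequence[2].getEncoded();
                        } else {
                            extensionData = sequence[1].getEncoded();
                        }
                        if (criticalFlag) {
                            criticalExtensions.put(extensionOID, extensionData);
                        } else {
                            nonCriticalExtensions.put(extensionOID, extensionData);
                        }
                    }
                }
            }
        }
    } catch (GeneralSecurityException e) {
        // Surface provider/key failures through the project's exception type, keeping the cause.
        throw new CertProviderException(e);
    }
    return new PKCS10CertificateRequest(csr, subject, publicKey, criticalExtensions, nonCriticalExtensions);
}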
Also used : JcaPKCS10CertificationRequest(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest) HashMap(java.util.HashMap) Attribute(org.bouncycastle.asn1.pkcs.Attribute) PublicKey(java.security.PublicKey) GeneralSecurityException(java.security.GeneralSecurityException) CertProviderException(de.carne.certmgr.certs.CertProviderException) X500Principal(javax.security.auth.x500.X500Principal) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 78 with ASN1Encodable

use of com.github.zhenwei.core.asn1.ASN1Encodable in project TLS-Scanner by RUB-NDS.

the class OcspProbe method prepareNonceExtension.

/**
 * Builds the encoded nonce extension sent by this probe.
 *
 * <p>Structure produced: an outer sequence containing one inner sequence, which holds the OID
 * taken from {@code NONCE} followed by an encapsulating octet string that wraps a primitive
 * octet string carrying the nonce bytes.
 *
 * <p>The nonce comes from {@link Random} seeded with {@code STAPLED_NONCE_RANDOM_SEED}, so it is
 * the same value whenever the seed is the same.
 * NOTE(review): the constant's name suggests this is deliberate for the probe; confirm. A nonce
 * generated this way is predictable and gives no replay protection, so a client that relies on
 * the nonce needs {@code java.security.SecureRandom} instead.
 *
 * @return the bytes produced by {@code Asn1Encoder} for the extension structure
 */
private byte[] prepareNonceExtension() {
    Asn1Sequence innerSequence = new Asn1Sequence();
    Asn1ObjectIdentifier nonceOid = new Asn1ObjectIdentifier();
    nonceOid.setValue(NONCE.getOID());
    Asn1Sequence outerSequence = new Asn1Sequence();
    innerSequence.addChild(nonceOid);

    Asn1EncapsulatingOctetString wrapper = new Asn1EncapsulatingOctetString();
    Asn1PrimitiveOctetString nonceOctets = new Asn1PrimitiveOctetString();

    // Seeded generator: repeatable nonce, see the method documentation.
    Random seededGenerator = new Random(STAPLED_NONCE_RANDOM_SEED);
    BigInteger nonceValue = new BigInteger(STAPLED_NONCE_RANDOM_BIT_LENGTH, seededGenerator);
    // toByteArray() is minimal two's complement, so the byte count is not always bitLength / 8.
    nonceOctets.setValue(nonceValue.toByteArray());

    // Assemble from the inside out; child order defines the encoding order.
    wrapper.addChild(nonceOctets);
    innerSequence.addChild(wrapper);
    outerSequence.addChild(innerSequence);

    List<Asn1Encodable> toEncode = new LinkedList<>();
    toEncode.add(outerSequence);
    return new Asn1Encoder(toEncode).encode();
}
Also used : Random(java.util.Random) Asn1EncapsulatingOctetString(de.rub.nds.asn1.model.Asn1EncapsulatingOctetString) Asn1ObjectIdentifier(de.rub.nds.asn1.model.Asn1ObjectIdentifier) Asn1PrimitiveOctetString(de.rub.nds.asn1.model.Asn1PrimitiveOctetString) BigInteger(java.math.BigInteger) Asn1Sequence(de.rub.nds.asn1.model.Asn1Sequence) Asn1Encoder(de.rub.nds.asn1.encoder.Asn1Encoder) Asn1Encodable(de.rub.nds.asn1.Asn1Encodable) LinkedList(java.util.LinkedList)

Example 79 with ASN1Encodable

use of com.github.zhenwei.core.asn1.ASN1Encodable in project cloudbreak by hortonworks.

the class KrbKeySetEncoder method getASNEncodedKrbPrincipalKey.

/**
 * Encodes the given Kerberos keys as a Base64 string of a DER sequence.
 *
 * <p>Each key's Base64 value is decoded and combined with its salt into one entry. The entries
 * are placed, together with four explicitly tagged integer fields that are all set to 1
 * (major version, minor version, kvno, mkvno), into the outer sequence.
 *
 * <p>The returned string contains the key material itself: Base64 is an encoding, not
 * encryption. Treat the result, and the decoded key bytes handled here, as secrets and keep
 * them out of logs and error messages.
 *
 * @param keys the Kerberos keys to encode, in the order they should appear in the output
 * @return the Base64 form of the DER-encoded key set
 * @throws IOException if the DER encoding of the key set fails
 */
public static String getASNEncodedKrbPrincipalKey(List<ActorKerberosKey> keys) throws IOException {
    ASN1Encodable[] krbKeyEntries = new ASN1Encodable[keys.size()];
    int slot = 0;
    for (ActorKerberosKey key : keys) {
        // The key value arrives Base64-encoded; the entry needs the raw key bytes.
        byte[] rawKey = Base64.getDecoder().decode(key.getKeyValue().getBytes(StandardCharsets.UTF_8));
        krbKeyEntries[slot++] = makeKrbKey(
                makeSalt(key.getSaltType(), key.getSaltValue()),
                makeEncryptionKey(key.getKeyType(), rawKey));
    }
    DERSequence krbKeys = new DERSequence(krbKeyEntries);

    ASN1Encodable[] keySetFields = {
        // attribute-major-vno
        new DERTaggedObject(true, TAG_ATTRIBUTE_MAJOR_VNO, new ASN1Integer(1)),
        // attribute-minor-vno
        new DERTaggedObject(true, TAG_ATTRIBUTE_MINOR_VNO, new ASN1Integer(1)),
        // kvno
        new DERTaggedObject(true, TAG_KVNO, new ASN1Integer(1)),
        // mkvno
        new DERTaggedObject(true, TAG_MKVNO, new ASN1Integer(1)),
        // keys
        new DERTaggedObject(true, TAG_KEYS, krbKeys)
    };
    DERSequence krbKeySet = new DERSequence(keySetFields);
    return Base64.getEncoder().encodeToString(krbKeySet.getEncoded());
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ActorKerberosKey(com.cloudera.thunderhead.service.usermanagement.UserManagementProto.ActorKerberosKey) ASN1Integer(org.bouncycastle.asn1.ASN1Integer)

Example 80 with ASN1Encodable

use of com.github.zhenwei.core.asn1.ASN1Encodable in project pdfbox by apache.

the class CertificateVerifier method extractOCSPURL.

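/**
 * Extract the OCSP URL from an X.509 certificate if available.
 *
 * <p>The URL is read from the certificate's authorityInfoAccess extension, so its content is
 * chosen by whoever issued the certificate. Until the certificate chain has been validated the
 * value is untrusted: callers should check the scheme and destination before connecting to it.
 *
 * @param cert X.509 certificate
 * @return the URL of the OCSP validation service, or {@code null} if the certificate has no
 *         authorityInfoAccess extension or no OCSP entry with a URI location
 * @throws IOException if the extension cannot be parsed or does not have the expected ASN.1
 *         structure
 */
private static String extractOCSPURL(X509Certificate cert) throws IOException {
    byte[] authorityExtensionValue = cert.getExtensionValue(Extension.authorityInfoAccess.getId());
    if (authorityExtensionValue == null) {
        return null;
    }
    // copied from CertInformationHelper.getAuthorityInfoExtensionValue()
    // DRY refactor should be done some day
    // The structure below is certificate-supplied; check each type before casting so that a
    // malformed extension is reported as IOException rather than an unchecked ClassCastException.
    Object parsed = JcaX509ExtensionUtils.parseExtensionValue(authorityExtensionValue);
    if (!(parsed instanceof ASN1Sequence)) {
        throw new IOException("authorityInfoAccess extension is not an ASN.1 sequence");
    }
    Enumeration<?> objects = ((ASN1Sequence) parsed).getObjects();
    while (objects.hasMoreElements()) {
        // AccessDescription
        Object entry = objects.nextElement();
        if (!(entry instanceof ASN1Sequence) || ((ASN1Sequence) entry).size() < 2) {
            throw new IOException("Malformed AccessDescription in authorityInfoAccess extension");
        }
        ASN1Sequence obj = (ASN1Sequence) entry;
        ASN1Encodable oid = obj.getObjectAt(0);
        // accessLocation
        ASN1Encodable accessLocation = obj.getObjectAt(1);
        if (!(accessLocation instanceof ASN1TaggedObject)) {
            throw new IOException("Malformed accessLocation in authorityInfoAccess extension");
        }
        ASN1TaggedObject location = (ASN1TaggedObject) accessLocation;
        if (X509ObjectIdentifiers.id_ad_ocsp.equals(oid) && location.getTagNo() == GeneralName.uniformResourceIdentifier) {
            Object base = location.getBaseObject();
            if (!(base instanceof ASN1OctetString)) {
                throw new IOException("OCSP accessLocation does not contain string octets");
            }
            // A URI GeneralName is an IA5String (7-bit ASCII). Decode with a fixed charset
            // instead of the platform default so the result is the same on every system.
            String ocspURL = new String(((ASN1OctetString) base).getOctets(),
                    java.nio.charset.StandardCharsets.US_ASCII);
            // The logged value is certificate-controlled and may contain control characters;
            // the log sink should neutralise them.
            LOG.info("OCSP URL: " + ocspURL);
            return ocspURL;
        }
    }
    return null;
}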
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
