use of com.github.zhenwei.core.asn1.ASN1InputStream in project structr by structr.
the class SignedJarBuilder method writeSignatureBlock.
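/**
 * Writes the CMS (PKCS#7) signature block for {@code data} to the JAR stream.
 *
 * <p>The signature is generated with {@code privateKey}, the signer certificate is
 * embedded in the block, and the content itself is not encapsulated (detached
 * signature). The result is re-encoded as DER and written to {@code jos}, which is
 * left open for the caller.
 *
 * @param jos        JAR stream positioned at the signature block entry
 * @param data       the content to sign
 * @param publicKey  the signer's X.509 certificate (despite the parameter name, this is
 *                   the certificate, not a bare public key)
 * @param privateKey the private key matching the certificate
 * @throws IOException                  if encoding or writing the block fails
 * @throws CertificateEncodingException if the certificate cannot be encoded
 * @throws OperatorCreationException    if the content signer cannot be created
 * @throws CMSException                 if the CMS structure cannot be generated
 */
private void writeSignatureBlock(final JarOutputStream jos, final CMSTypedData data, final X509Certificate publicKey, final PrivateKey privateKey) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException {
    final List<X509Certificate> certList = new ArrayList<>();
    certList.add(publicKey);
    final JcaCertStore certs = new JcaCertStore(certList);

    final CMSSignedDataGenerator gen = new CMSSignedDataGenerator();

    // NOTE(security): the signature algorithm is hard-wired to SHA-1. SHA-1 is no longer
    // considered collision resistant and verifiers may refuse or downgrade such
    // signatures. Moving to a SHA-2 variant has to stay consistent with the digests
    // used by the rest of the JAR signing flow, which is not visible here, so the
    // algorithm is left unchanged and flagged for review.
    final ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1with" + privateKey.getAlgorithm()).build(privateKey);

    // Direct signature: the content is signed as-is, without signed attributes.
    gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()).setDirectSignature(true).build(sha1Signer, publicKey));
    gen.addCertificates(certs);

    // encapsulate == false: only the signature is emitted, not the signed content.
    final CMSSignedData sigData = gen.generate(data, false);

    // The parser is closed deterministically; the DER writer is deliberately NOT
    // closed because that would also close the caller's JAR stream.
    try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) {
        final DEROutputStream dos = new DEROutputStream(jos);
        dos.writeObject(asn1.readObject());
    }
}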
use of com.github.zhenwei.core.asn1.ASN1InputStream in project jmulticard by ctt-gob-es.
the class DO8E method fromByteArray.
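/**
 * Initialises this data object from its ASN.1 encoding.
 *
 * <p>The input is expected to decode to a tagged object that wraps an octet string.
 * Any other shape (including empty input) is reported as a
 * {@link SecureMessagingException} instead of surfacing as an unchecked
 * {@code ClassCastException} or {@code NullPointerException}, and the fields of this
 * object are only updated once the whole structure has been checked.
 *
 * @param encodedData the encoded data object, typically received from the peer
 * @throws SecureMessagingException if the data cannot be decoded or does not have the
 *                                  expected structure
 */
void fromByteArray(final byte[] encodedData) throws SecureMessagingException {
    final Object decoded;
    try (final ASN1InputStream asn1in = new ASN1InputStream(encodedData)) {
        decoded = asn1in.readObject();
    } catch (final IOException e) {
        throw new SecureMessagingException(e);
    }

    // readObject() yields null on empty input; instanceof rejects that case as well.
    if (!(decoded instanceof DERTaggedObject)) {
        throw new SecureMessagingException(new IOException("Encoded data is not a DER tagged object"));
    }
    final DERTaggedObject tagged = (DERTaggedObject) decoded;

    final Object content = tagged.getObject();
    if (!(content instanceof DEROctetString)) {
        throw new SecureMessagingException(new IOException("Tagged object does not contain a DER octet string"));
    }

    // Commit state only after validation so a malformed input leaves this object untouched.
    this.to = tagged;
    this.data = ((DEROctetString) content).getOctets();
}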
use of com.github.zhenwei.core.asn1.ASN1InputStream in project xades4j by luisgoncalves.
the class DefaultTimeStampVerificationProvider method verifyToken.
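/**
 * Verifies a time-stamp token and returns its generation time.
 *
 * <p>The checks run in this order, and the generation time is returned only if all
 * of them pass:
 * <ol>
 * <li>the bytes decode to a well-formed time-stamp token;</li>
 * <li>the TSA certificate selected by the token's signer id validates at the token's
 * generation time;</li>
 * <li>the token signature verifies against that certificate;</li>
 * <li>the digest of {@code tsDigestInput} equals the token's message imprint.</li>
 * </ol>
 *
 * @param timeStampToken the encoded time-stamp token
 * @param tsDigestInput  the data that the token is expected to cover
 * @return the generation time stated in the token
 * @throws TimeStampTokenVerificationException if any of the checks fails; structural,
 *         certificate, signature and digest failures use the more specific exception
 *         types thrown below
 */
@Override
public Date verifyToken(byte[] timeStampToken, byte[] tsDigestInput) throws TimeStampTokenVerificationException {
    TimeStampToken tsToken;
    try {
        ASN1InputStream asn1is = new ASN1InputStream(timeStampToken);
        ContentInfo tsContentInfo;
        try {
            tsContentInfo = ContentInfo.getInstance(asn1is.readObject());
        } finally {
            // Close on every path, including a failed parse.
            asn1is.close();
        }
        if (tsContentInfo == null) {
            // Empty input: readObject() found no object. Report it through the
            // existing IOException mapping rather than letting a null reach the
            // token constructor.
            throw new IOException("No ASN.1 object found in the encoded token");
        }
        tsToken = new TimeStampToken(tsContentInfo);
    } catch (IOException ex) {
        throw new TimeStampTokenStructureException("Error parsing encoded token", ex);
    } catch (TSPException ex) {
        throw new TimeStampTokenStructureException("Invalid token", ex);
    } catch (IllegalArgumentException ex) {
        // The ASN.1 factories signal a wrongly-typed object with an unchecked
        // IllegalArgumentException; a malformed token is a structure error.
        throw new TimeStampTokenStructureException("Error parsing encoded token", ex);
    }

    X509Certificate tsaCert = null;
    try {
        /* Validate the TSA certificate */
        LinkedList<X509Certificate> certs = new LinkedList<X509Certificate>();
        for (Object certHolder : tsToken.getCertificates().getMatches(new AllCertificatesSelector())) {
            certs.add(this.x509CertificateConverter.getCertificate((X509CertificateHolder) certHolder));
        }
        // The certificates carried in the token are only candidates; the validation
        // provider decides whether a trusted path exists at the generation time.
        ValidationData vData = this.certificateValidationProvider.validate(x509CertSelectorConverter.getCertSelector(tsToken.getSID()), tsToken.getTimeStampInfo().getGenTime(), certs);
        // NOTE(review): assumes the first certificate returned is the TSA's own
        // certificate - confirm against the ValidationData contract.
        tsaCert = vData.getCerts().get(0);
    } catch (CertificateException ex) {
        throw new TimeStampTokenVerificationException(ex.getMessage(), ex);
    } catch (XAdES4jException ex) {
        throw new TimeStampTokenTSACertException("cannot validate TSA certificate", ex);
    }

    try {
        tsToken.validate(this.signerInfoVerifierBuilder.build(tsaCert));
    } catch (TSPValidationException ex) {
        throw new TimeStampTokenSignatureException("Invalid token signature or certificate", ex);
    } catch (Exception ex) {
        throw new TimeStampTokenVerificationException("Error when verifying the token signature", ex);
    }

    org.bouncycastle.tsp.TimeStampTokenInfo tsTokenInfo = tsToken.getTimeStampInfo();
    try {
        // NOTE(review): the digest algorithm is the one named in the token. Whether
        // weak algorithms are rejected depends on uriForDigest and the digest
        // provider, which are not visible here.
        String digestAlgUri = uriForDigest(tsTokenInfo.getMessageImprintAlgOID());
        MessageDigest md = messageDigestProvider.getEngine(digestAlgUri);
        if (!Arrays.equals(md.digest(tsDigestInput), tsTokenInfo.getMessageImprintDigest())) {
            throw new TimeStampTokenDigestException();
        }
    } catch (UnsupportedAlgorithmException ex) {
        throw new TimeStampTokenVerificationException("The token's digest algorithm is not supported", ex);
    }
    return tsTokenInfo.getGenTime();
}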
use of com.github.zhenwei.core.asn1.ASN1InputStream in project keystore-explorer by kaikramer.
the class DKeyUsage method prepopulateWithValue.
/**
 * Pre-selects the key usage check boxes from an encoded key usage value.
 *
 * @param value the encoded key usage bit string
 * @throws IOException if the value cannot be read as an ASN.1 object
 */
private void prepopulateWithValue(byte[] value) throws IOException {
    try (ASN1InputStream derIn = new ASN1InputStream(value)) {
        // Decode once; every check box below tests one flag of this bit mask.
        final int usageBits = ASN1BitString.getInstance(derIn.readObject()).intValue();

        jcbDigitalSignature.setSelected(hasKeyUsage(usageBits, KeyUsage.digitalSignature));
        jcbNonRepudiation.setSelected(hasKeyUsage(usageBits, KeyUsage.nonRepudiation));
        jcbKeyEncipherment.setSelected(hasKeyUsage(usageBits, KeyUsage.keyEncipherment));
        jcbDataEncipherment.setSelected(hasKeyUsage(usageBits, KeyUsage.dataEncipherment));
        jcbKeyAgreement.setSelected(hasKeyUsage(usageBits, KeyUsage.keyAgreement));
        jcbCertificateSigning.setSelected(hasKeyUsage(usageBits, KeyUsage.keyCertSign));
        jcbCrlSign.setSelected(hasKeyUsage(usageBits, KeyUsage.cRLSign));
        jcbEncipherOnly.setSelected(hasKeyUsage(usageBits, KeyUsage.encipherOnly));
        jcbDecipherOnly.setSelected(hasKeyUsage(usageBits, KeyUsage.decipherOnly));
    }
}
use of com.github.zhenwei.core.asn1.ASN1InputStream in project keystore-explorer by kaikramer.
the class X509Ext method getNetscapeCertificateTypeStringValue.
/**
 * Renders a Netscape certificate type extension value as text, one line per flag set.
 *
 * @param value the encoded extension value (a BIT STRING)
 * @return the localised names of the flags that are set, each followed by a newline
 * @throws IOException if the value cannot be read as an ASN.1 object
 */
private static String getNetscapeCertificateTypeStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
     * NetscapeCertType ::= BIT STRING { sslClient (0), sslServer (1), smime
     * (2), objectSigning (3), reserved (4), sslCA (5), smimeCA (6),
     * objectSigningCA (7) }
     */
    // @formatter:on

    // Flags and their resource keys, in the order they are reported.
    final int[] typeFlags = {
        NetscapeCertType.sslClient,
        NetscapeCertType.sslServer,
        NetscapeCertType.smime,
        NetscapeCertType.objectSigning,
        NetscapeCertType.reserved,
        NetscapeCertType.sslCA,
        NetscapeCertType.smimeCA,
        NetscapeCertType.objectSigningCA
    };
    final String[] resourceKeys = {
        "SslClientNetscapeCertificateType",
        "SslServerNetscapeCertificateType",
        "SmimeNetscapeCertificateType",
        "ObjectSigningNetscapeCertificateType",
        "ReservedNetscapeCertificateType",
        "SslCaNetscapeCertificateType",
        "SmimeCaNetscapeCertificateType",
        "ObjectSigningCaNetscapeCertificateType"
    };

    // The stream wraps an in-memory byte array, so leaving it unclosed holds no resource.
    @SuppressWarnings("resource")
    ASN1BitString decodedBits = ASN1BitString.getInstance(new ASN1InputStream(value).readObject());
    final int flagMask = decodedBits.intValue();

    final StringBuilder text = new StringBuilder();
    for (int i = 0; i < typeFlags.length; i++) {
        if (isCertType(flagMask, typeFlags[i])) {
            text.append(res.getString(resourceKeys[i]));
            text.append(NEWLINE);
        }
    }
    return text.toString();
}