Search in sources :

Example 96 with ASN1InputStream

use of com.github.zhenwei.core.asn1.ASN1InputStream in project LinLong-Java by zhenwei1108.

the class X509AttrCertParser method readDERCertificate.

private X509AttributeCertificate readDERCertificate(InputStream in) throws IOException {
    ASN1InputStream dIn = new ASN1InputStream(in);
    ASN1Sequence seq = ASN1Sequence.getInstance(dIn.readObject());
    if (seq.size() > 1 && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier) {
        if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) {
            sData = new SignedData(ASN1Sequence.getInstance((ASN1TaggedObject) seq.getObjectAt(1), true)).getCertificates();
            return getCertificate();
        }
    }
    return new X509V2AttributeCertificate(seq.getEncoded());
}
Also used : ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream) ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence) SignedData(com.github.zhenwei.core.asn1.pkcs.SignedData) ASN1TaggedObject(com.github.zhenwei.core.asn1.ASN1TaggedObject) X509V2AttributeCertificate(com.github.zhenwei.provider.x509.X509V2AttributeCertificate) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)

Example 97 with ASN1InputStream

use of com.github.zhenwei.core.asn1.ASN1InputStream in project LinLong-Java by zhenwei1108.

the class CertificateFactory method doGenerateCRL.

/**
 * Generates a certificate revocation list (CRL) object and initializes it with the data read from
 * the input stream inStream.
 */
private CRL doGenerateCRL(InputStream in, boolean isFirst) throws CRLException {
    if (currentCrlStream == null) {
        currentCrlStream = in;
        sCrlData = null;
        sCrlDataObjectCount = 0;
    } else if (// reset if input stream has changed
    currentCrlStream != in) {
        currentCrlStream = in;
        sCrlData = null;
        sCrlDataObjectCount = 0;
    }
    try {
        if (sCrlData != null) {
            if (sCrlDataObjectCount != sCrlData.size()) {
                return getCRL();
            } else {
                sCrlData = null;
                sCrlDataObjectCount = 0;
                return null;
            }
        }
        InputStream pis;
        if (in.markSupported()) {
            pis = in;
        } else {
            pis = new ByteArrayInputStream(Streams.readAll(in));
        }
        pis.mark(1);
        int tag = pis.read();
        if (tag == -1) {
            return null;
        }
        pis.reset();
        if (// assume ascii PEM encoded.
        tag != 0x30) {
            return readPEMCRL(pis, isFirst);
        } else {
            // lazy evaluate to help processing of large CRLs
            return readDERCRL(new ASN1InputStream(pis, true));
        }
    } catch (CRLException e) {
        throw e;
    } catch (Exception e) {
        throw new CRLException(e.toString());
    }
}
Also used : ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) BufferedInputStream(java.io.BufferedInputStream) ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) CRLException(java.security.cert.CRLException) CertificateParsingException(java.security.cert.CertificateParsingException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) CRLException(java.security.cert.CRLException)

Example 98 with ASN1InputStream

use of com.github.zhenwei.core.asn1.ASN1InputStream in project LinLong-Java by zhenwei1108.

the class X509AttributeCertStoreSelector method match.

/**
 * Decides if the given attribute certificate should be selected.
 *
 * @param obj The attribute certificate which should be checked.
 * @return <code>true</code> if the attribute certificate can be selected,
 * <code>false</code> otherwise.
 */
public boolean match(Object obj) {
    if (!(obj instanceof X509AttributeCertificate)) {
        return false;
    }
    X509AttributeCertificate attrCert = (X509AttributeCertificate) obj;
    if (this.attributeCert != null) {
        if (!this.attributeCert.equals(attrCert)) {
            return false;
        }
    }
    if (serialNumber != null) {
        if (!attrCert.getSerialNumber().equals(serialNumber)) {
            return false;
        }
    }
    if (holder != null) {
        if (!attrCert.getHolder().equals(holder)) {
            return false;
        }
    }
    if (issuer != null) {
        if (!attrCert.getIssuer().equals(issuer)) {
            return false;
        }
    }
    if (attributeCertificateValid != null) {
        try {
            attrCert.checkValidity(attributeCertificateValid);
        } catch (CertificateExpiredException e) {
            return false;
        } catch (CertificateNotYetValidException e) {
            return false;
        }
    }
    if (!targetNames.isEmpty() || !targetGroups.isEmpty()) {
        byte[] targetInfoExt = attrCert.getExtensionValue(Extension.targetInformation.getId());
        if (targetInfoExt != null) {
            TargetInformation targetinfo;
            try {
                targetinfo = TargetInformation.getInstance(new ASN1InputStream(((DEROctetString) DEROctetString.fromByteArray(targetInfoExt)).getOctets()).readObject());
            } catch (IOException e) {
                return false;
            } catch (IllegalArgumentException e) {
                return false;
            }
            Targets[] targetss = targetinfo.getTargetsObjects();
            if (!targetNames.isEmpty()) {
                boolean found = false;
                for (int i = 0; i < targetss.length; i++) {
                    Targets t = targetss[i];
                    Target[] targets = t.getTargets();
                    for (int j = 0; j < targets.length; j++) {
                        if (targetNames.contains(GeneralName.getInstance(targets[j].getTargetName()))) {
                            found = true;
                            break;
                        }
                    }
                }
                if (!found) {
                    return false;
                }
            }
            if (!targetGroups.isEmpty()) {
                boolean found = false;
                for (int i = 0; i < targetss.length; i++) {
                    Targets t = targetss[i];
                    Target[] targets = t.getTargets();
                    for (int j = 0; j < targets.length; j++) {
                        if (targetGroups.contains(GeneralName.getInstance(targets[j].getTargetGroup()))) {
                            found = true;
                            break;
                        }
                    }
                }
                if (!found) {
                    return false;
                }
            }
        }
    }
    return true;
}
Also used : CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream) CertificateExpiredException(java.security.cert.CertificateExpiredException) Targets(com.github.zhenwei.core.asn1.x509.Targets) IOException(java.io.IOException) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) Target(com.github.zhenwei.core.asn1.x509.Target) TargetInformation(com.github.zhenwei.core.asn1.x509.TargetInformation)

Example 99 with ASN1InputStream

use of com.github.zhenwei.core.asn1.ASN1InputStream in project LinLong-Java by zhenwei1108.

the class X509CertificatePair method getEncoded.

public byte[] getEncoded() throws CertificateEncodingException {
    Certificate f = null;
    Certificate r = null;
    try {
        if (forward != null) {
            f = Certificate.getInstance(new ASN1InputStream(forward.getEncoded()).readObject());
            if (f == null) {
                throw new CertificateEncodingException("unable to get encoding for forward");
            }
        }
        if (reverse != null) {
            r = Certificate.getInstance(new ASN1InputStream(reverse.getEncoded()).readObject());
            if (r == null) {
                throw new CertificateEncodingException("unable to get encoding for reverse");
            }
        }
        return new CertificatePair(f, r).getEncoded(ASN1Encoding.DER);
    } catch (IllegalArgumentException e) {
        throw new ExtCertificateEncodingException(e.toString(), e);
    } catch (IOException e) {
        throw new ExtCertificateEncodingException(e.toString(), e);
    }
}
Also used : ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream) CertificateEncodingException(java.security.cert.CertificateEncodingException) IOException(java.io.IOException) CertificatePair(com.github.zhenwei.core.asn1.x509.CertificatePair) X509Certificate(java.security.cert.X509Certificate) Certificate(com.github.zhenwei.core.asn1.x509.Certificate)

Example 100 with ASN1InputStream

use of com.github.zhenwei.core.asn1.ASN1InputStream in project LinLong-Java by zhenwei1108.

the class NetscapeCertRequest method getKeySpec.

private ASN1Primitive getKeySpec() throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ASN1Primitive obj = null;
    try {
        baos.write(pubkey.getEncoded());
        baos.close();
        ASN1InputStream derin = new ASN1InputStream(new ByteArrayInputStream(baos.toByteArray()));
        obj = derin.readObject();
    } catch (IOException ioe) {
        throw new InvalidKeySpecException(ioe.getMessage());
    }
    return obj;
}
Also used : ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) ASN1Primitive(com.github.zhenwei.core.asn1.ASN1Primitive)

Aggregations

ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)171 IOException (java.io.IOException)142 ByteArrayInputStream (java.io.ByteArrayInputStream)76 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)64 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)42 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)38 DEROctetString (org.bouncycastle.asn1.DEROctetString)38 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)33 ASN1InputStream (com.github.zhenwei.core.asn1.ASN1InputStream)32 BigInteger (java.math.BigInteger)32 CertificateException (java.security.cert.CertificateException)31 X509Certificate (java.security.cert.X509Certificate)29 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)28 CertificateParsingException (java.security.cert.CertificateParsingException)27 Enumeration (java.util.Enumeration)27 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)26 InvalidKeyException (java.security.InvalidKeyException)25 CertificateEncodingException (java.security.cert.CertificateEncodingException)25 CRLException (java.security.cert.CRLException)24 NoSuchProviderException (java.security.NoSuchProviderException)22