use of com.github.zhenwei.core.asn1.ASN1Object in project documentproduction by qld-gov-au.
the class CertInformationCollector method addTimestampCerts.
/**
* Processes an embedded signed timestamp, that has been placed into a signature. The
* certificates and its chain(s) will be processed the same way as the signature itself.
*
* @param signerInformation of the signature, to get unsigned attributes from it.
* @throws IOException
* @throws CertificateProccessingException
*/
private void addTimestampCerts(SignerInformation signerInformation) throws IOException, CertificateProccessingException {
AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
if (unsignedAttributes == null) {
return;
}
Attribute tsAttribute = unsignedAttributes.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
if (tsAttribute == null) {
return;
}
ASN1Encodable obj0 = tsAttribute.getAttrValues().getObjectAt(0);
if (!(obj0 instanceof ASN1Object)) {
return;
}
ASN1Object tsSeq = (ASN1Object) obj0;
try {
CMSSignedData signedData = new CMSSignedData(tsSeq.getEncoded("DER"));
rootCertInfo.setTsaCerts(new CertSignatureInformation());
processSignerStore(signedData, rootCertInfo.getTsaCerts());
} catch (CMSException e) {
throw new IOException("Error parsing timestamp token", e);
}
}
use of com.github.zhenwei.core.asn1.ASN1Object in project OpenUnison by TremoloSecurity.
the class AndroidKeyStoreAttestation method getKeyDescriptionSequence.
private static ASN1Sequence getKeyDescriptionSequence(ASN1OctetString octet) throws CertificateParsingException {
// Read out the Sequence
ASN1Object asn1Object = X509ExtensionParsingUtil.getAsn1Object(octet.getOctets());
if (asn1Object == null || !(asn1Object instanceof ASN1Sequence)) {
throw new CertificateParsingException("Expected KeyDescription Sequence.");
}
ASN1Sequence sequence = (ASN1Sequence) asn1Object;
if (sequence.size() != DESCRIPTION_LENGTH) {
throw new CertificateParsingException("KeyDescription Sequence has " + sequence.size() + " elements. Expected " + DESCRIPTION_LENGTH + " elements ");
}
return sequence;
}
use of com.github.zhenwei.core.asn1.ASN1Object in project SpringRemote by HaleyWang.
the class SSH2KeyPairFile method writeKeyPair.
public static byte[] writeKeyPair(ASCIIArmour armour, String password, SecureRandom random, KeyPair keyPair) throws SSH2FatalException {
ASN1Object pem;
PublicKey publicKey = keyPair.getPublic();
int headType;
if (publicKey instanceof DSAPublicKey) {
DSAPublicKey pubKey = (DSAPublicKey) keyPair.getPublic();
DSAPrivateKey prvKey = (DSAPrivateKey) keyPair.getPrivate();
DSAParams params = pubKey.getParams();
pem = new PEMDSAPrivate(0, params.getP(), params.getQ(), params.getG(), pubKey.getY(), prvKey.getX());
headType = TYPE_PEM_DSA;
} else if (publicKey instanceof RSAPublicKey) {
RSAPublicKey pubKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateCrtKey prvKey = (RSAPrivateCrtKey) keyPair.getPrivate();
pem = new PEMRSAPrivate(0, pubKey.getModulus(), pubKey.getPublicExponent(), prvKey.getPrivateExponent(), prvKey.getPrimeP(), prvKey.getPrimeQ(), prvKey.getCrtCoefficient());
headType = TYPE_PEM_RSA;
} else if (publicKey instanceof ECPublicKey) {
ECPublicKey pubKey = (ECPublicKey) keyPair.getPublic();
ECPrivateKey prvKey = (ECPrivateKey) keyPair.getPrivate();
pem = new PEMECPrivate(pubKey, prvKey);
headType = TYPE_PEM_EC;
} else {
throw new SSH2FatalException("Unsupported key type: " + publicKey);
}
armour.setHeaderLine(BEGIN_PRV_KEY[headType]);
armour.setTailLine(END_PRV_KEY[headType]);
ByteArrayOutputStream enc = new ByteArrayOutputStream(128);
ASN1DER der = new ASN1DER();
try {
der.encode(enc, pem);
} catch (IOException e) {
throw new SSH2FatalException("Error while DER encoding");
}
byte[] keyBlob = enc.toByteArray();
if (password != null && password.length() > 0) {
byte[] iv = new byte[16];
random.setSeed(keyBlob);
for (int i = 0; i < iv.length; i++) {
byte[] r = new byte[1];
do {
random.nextBytes(r);
iv[i] = r[0];
} while (iv[i] == 0x00);
}
armour.setHeaderField(PRV_PROCTYPE, "4,ENCRYPTED");
armour.setHeaderField(PRV_DEKINFO, "AES-128-CBC," + HexDump.toString(iv).toUpperCase());
int encLen = (16 - (keyBlob.length % 16)) + keyBlob.length;
byte[] encBuf = new byte[encLen];
doCipher(Cipher.ENCRYPT_MODE, "AES/CBC/PKCS5Padding", password, keyBlob, keyBlob.length, encBuf, iv);
keyBlob = encBuf;
}
return keyBlob;
}
use of com.github.zhenwei.core.asn1.ASN1Object in project SpringRemote by HaleyWang.
the class AttributeTypeAndValue method valueAsString.
private String valueAsString() {
ASN1Object vo = value.getValue();
String vs = "<unknown>";
if (vo instanceof DirectoryString) {
vs = ((DirectoryString) vo).getString();
} else if (vo instanceof ASN1CharString) {
vs = ((ASN1CharString) vo).getValue();
} else if (vo instanceof ASN1PrintableString) {
vs = ((ASN1PrintableString) vo).getValue();
} else if (vo instanceof ASN1BitString) {
vs = ((ASN1BitString) vo).toPrintableString();
}
return vs;
}
use of com.github.zhenwei.core.asn1.ASN1Object in project SpringRemote by HaleyWang.
the class X509Certificate method getExtensionWithOID.
private ASN1Object getExtensionWithOID(String oid, Class<?> c) {
try {
Extensions es = certificate.tbsCertificate.extensions;
for (int i = 0; i < es.getCount(); i++) {
Extension e = (Extension) es.getComponent(i);
if (e.extnID.getString().equals(oid)) {
ASN1DER der = new ASN1DER();
ByteArrayInputStream ba = new ByteArrayInputStream(e.extnValue.getRaw());
ASN1Object obj = (ASN1Object) c.newInstance();
der.decode(ba, obj);
return obj;
}
}
} catch (Throwable t) {
}
return null;
}
Aggregations