Example 46 with ASN1Primitive

Use of com.github.zhenwei.core.asn1.ASN1Primitive in project certmgr by hdecarne.

In class DistributionPoint, method decode:

/**
 * Decode {@code DistributionPoint} object from an ASN.1 data object.
 *
 * @param primitive The ASN.1 data object to decode.
 * @return The decoded distribution point object.
 * @throws IOException if an I/O error occurs during decoding.
 */
public static DistributionPoint decode(ASN1Primitive primitive) throws IOException {
    ASN1Primitive[] sequence = decodeSequence(primitive, 1, Integer.MAX_VALUE);
    DistributionPointName name = null;
    ReasonFlags reasons = null;
    GeneralNames crlIssuer = null;
    for (ASN1Primitive sequenceEntry : sequence) {
        ASN1TaggedObject taggedObject = decodePrimitive(sequenceEntry, ASN1TaggedObject.class);
        int taggedObjectTag = taggedObject.getTagNo();
        switch(taggedObjectTag) {
            case 0:
                name = DistributionPointName.decode(taggedObject.getObject());
                break;
            case 1:
                reasons = ReasonFlags.decode(taggedObject.getObject());
                break;
            case 2:
                crlIssuer = GeneralNames.decode(taggedObject.getObject());
                break;
            default:
                throw new IOException("Unsupported tag: " + taggedObjectTag);
        }
    }
    return new DistributionPoint(name, crlIssuer, reasons);
}
Also used: ASN1TaggedObject (org.bouncycastle.asn1.ASN1TaggedObject), IOException (java.io.IOException), ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)

Example 47 with ASN1Primitive

Use of com.github.zhenwei.core.asn1.ASN1Primitive in project certmgr by hdecarne.

In class IPAddressName, method decode:

/**
 * Decode {@code IPAddressName} from an ASN.1 data object.
 *
 * @param primitive The ASN.1 data object to decode.
 * @return The decoded IP address name object.
 * @throws IOException if an I/O error occurs during decoding.
 */
public static IPAddressName decode(ASN1Primitive primitive) throws IOException {
    ASN1Primitive object = decodeTagged(primitive, GeneralNameType.IP_ADDRESS_TAG);
    byte[] octets = decodePrimitive(object, ASN1OctetString.class).getOctets();
    InetAddress address;
    InetAddress netmask;
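    // RFC 5280 iPAddress: 4 or 16 octets is a plain IPv4/IPv6 address;
    // 8 or 32 octets is an address followed by its netmask (name constraints form).
    switch(octets.length) {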
        case 4:
            address = InetAddress.getByAddress(octets);
            netmask = null;
            break;
        case 8:
            address = InetAddress.getByAddress(Arrays.copyOfRange(octets, 0, 4));
            netmask = InetAddress.getByAddress(Arrays.copyOfRange(octets, 4, 8));
            break;
        case 16:
            address = InetAddress.getByAddress(octets);
            netmask = null;
            break;
        case 32:
            address = InetAddress.getByAddress(Arrays.copyOfRange(octets, 0, 16));
            netmask = InetAddress.getByAddress(Arrays.copyOfRange(octets, 16, 32));
            break;
        default:
            throw new IOException("Unexpected data length: " + octets.length);
    }
    return new IPAddressName(address, netmask);
}
Also used: ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString), IOException (java.io.IOException), ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive), InetAddress (java.net.InetAddress)

Example 48 with ASN1Primitive

Use of com.github.zhenwei.core.asn1.ASN1Primitive in project certmgr by hdecarne.

In class AuthorityKeyIdentifierExtensionData, method decode:

/**
 * Decode {@code AuthorityKeyIdentifierExtensionData} from an ASN.1 data object.
 *
 * @param primitive The ASN.1 data object to decode.
 * @param critical The extension's critical flag.
 * @return The decoded extension data.
 * @throws IOException if an I/O error occurs during decoding.
 */
public static AuthorityKeyIdentifierExtensionData decode(ASN1Primitive primitive, boolean critical) throws IOException {
    ASN1Primitive[] sequence = decodeSequence(primitive, 0, Integer.MAX_VALUE);
    byte[] keyIdentifier = null;
    GeneralNames authorityCertIssuer = null;
    BigInteger authorityCertSerialNumber = null;
    for (ASN1Primitive sequenceEntry : sequence) {
        ASN1TaggedObject taggedObject = decodePrimitive(sequenceEntry, ASN1TaggedObject.class);
        int taggedObjectTag = taggedObject.getTagNo();
        switch(taggedObjectTag) {
            case 0:
                keyIdentifier = decodePrimitive(taggedObject.getObject(), ASN1OctetString.class).getOctets();
                break;
            case 1:
                authorityCertIssuer = GeneralNames.decode(taggedObject.getObject());
                break;
            case 2:
                authorityCertSerialNumber = decodePrimitive(taggedObject.getObject(), ASN1Integer.class).getValue();
                break;
            default:
                throw new IOException("Unsupported tag: " + taggedObjectTag);
        }
    }
    // Reject the extension unless it carries a key identifier or the complete issuer/serial pair.
    if (keyIdentifier == null && (authorityCertIssuer == null || authorityCertSerialNumber == null)) {
        throw new IOException("Invalid or incomplete extension data");
    }
    return new AuthorityKeyIdentifierExtensionData(critical, keyIdentifier, authorityCertIssuer, authorityCertSerialNumber);
}
Also used: ASN1TaggedObject (org.bouncycastle.asn1.ASN1TaggedObject), BigInteger (java.math.BigInteger), IOException (java.io.IOException), ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)

Example 49 with ASN1Primitive

Use of com.github.zhenwei.core.asn1.ASN1Primitive in project vcert-java by Venafi.

In class PEMCollection, method derPrivateKey:

public RawPrivateKey derPrivateKey() {
    if (Objects.isNull(this.privateKey)) {
        return null;
    }
    try {
        RawPrivateKey result = new RawPrivateKey();
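        // RSA keys are unwrapped from the PKCS#8 PrivateKeyInfo to the inner PKCS#1 structure;
        // other key types keep the encoding returned by getEncoded().
        if (KeyType.from(this.privateKey.getAlgorithm()) == KeyType.RSA) {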
            PrivateKeyInfo pkInfo = PrivateKeyInfo.getInstance(this.privateKey.getEncoded());
            ASN1Primitive privateKeyPKCS1ASN1 = pkInfo.parsePrivateKey().toASN1Primitive();
            result.data = privateKeyPKCS1ASN1.getEncoded();
        } else {
            result.data = this.privateKey.getEncoded();
        }
        if (privateKeyPassword == null) {
            return result;
        } else {
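            // Fresh random IV for every call; the same bytes are also passed to the
            // password-to-key helper below and are returned alongside the ciphertext.
            result.iv = new byte[SECRET_KEY_LENGTH_BITS / 8];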
            new SecureRandom().nextBytes(result.iv);
            SecretKeySpec secretKey = passwordToCipherSecretKey(privateKeyPassword.toCharArray(), result.iv);
            Cipher c = Cipher.getInstance(CIPHER_TRANSFORMATION);
            c.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(result.iv));
            result.data = c.doFinal(result.data);
            return result;
        }
    } catch (IOException | GeneralSecurityException e) {
        throw new RuntimeException(e);
    }
}
Also used: SecretKeySpec (javax.crypto.spec.SecretKeySpec), GeneralSecurityException (java.security.GeneralSecurityException), SecureRandom (java.security.SecureRandom), IvParameterSpec (javax.crypto.spec.IvParameterSpec), Cipher (javax.crypto.Cipher), IOException (java.io.IOException), ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive), PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo), PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)

Example 50 with ASN1Primitive

Use of com.github.zhenwei.core.asn1.ASN1Primitive in project tray by qzind.

In class AboutInfo, method ssl:

private static JSONObject ssl(CertificateManager certificateManager) throws JSONException, CertificateEncodingException {
    JSONObject ssl = new JSONObject();
    JSONArray certs = new JSONArray();
    for (KeyPairWrapper keyPair : new KeyPairWrapper[] { certificateManager.getCaKeyPair(), certificateManager.getSslKeyPair() }) {
        X509Certificate x509 = keyPair.getCert();
        if (x509 != null) {
            JSONObject cert = new JSONObject();
            cert.put("alias", keyPair.getAlias());
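            // getExtensionValue returns null when basicConstraints is absent; that case and
            // any decoding failure are both reported as rootca=false.
            try {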
                ASN1Primitive ext = X509ExtensionUtil.fromExtensionValue(x509.getExtensionValue(Extension.basicConstraints.getId()));
                cert.put("rootca", BasicConstraints.getInstance(ext).isCA());
            } catch (IOException | NullPointerException e) {
                cert.put("rootca", false);
            }
            cert.put("subject", x509.getSubjectX500Principal().getName());
            cert.put("expires", SystemUtilities.toISO(x509.getNotAfter()));
            cert.put("data", formatCert(x509.getEncoded()));
            certs.put(cert);
        }
    }
    ssl.put("certificates", certs);
    return ssl;
}
Also used: KeyPairWrapper (qz.installer.certificate.KeyPairWrapper), JSONObject (org.codehaus.jettison.json.JSONObject), JSONArray (org.codehaus.jettison.json.JSONArray), IOException (java.io.IOException), ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive), X509Certificate (java.security.cert.X509Certificate)

Aggregations

ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector) 253
DERSequence (com.github.zhenwei.core.asn1.DERSequence) 231
ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive) 177
IOException (java.io.IOException) 107
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream) 62
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence) 57
DERTaggedObject (com.github.zhenwei.core.asn1.DERTaggedObject) 55
ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer) 42
DEROctetString (com.github.zhenwei.core.asn1.DEROctetString) 38
ByteArrayInputStream (java.io.ByteArrayInputStream) 38
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString) 32
ASN1Primitive (com.github.zhenwei.core.asn1.ASN1Primitive) 31
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier) 31
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable) 30
DEROctetString (org.bouncycastle.asn1.DEROctetString) 28
BigInteger (java.math.BigInteger) 24
GeneralSecurityException (java.security.GeneralSecurityException) 24
X509Certificate (java.security.cert.X509Certificate) 24
ASN1Integer (org.bouncycastle.asn1.ASN1Integer) 23
DERIA5String (org.bouncycastle.asn1.DERIA5String) 22