Example 1 with ASN1StreamParser
use of com.github.zhenwei.core.asn1.ASN1StreamParser in project xipki by xipki.
the class XmlX509Certprofile method initQcStatements.
private void initQcStatements(Set<ASN1ObjectIdentifier> extnIds, ExtensionsType extensionsType) throws CertprofileException {
ASN1ObjectIdentifier type = Extension.qCStatements;
if (!extensionControls.containsKey(type)) {
return;
}
extnIds.remove(type);
QcStatements extConf = (QcStatements) getExtensionValue(type, extensionsType, QcStatements.class);
if (extConf == null) {
return;
}
List<QcStatementType> qcStatementTypes = extConf.getQcStatement();
this.qcStatementsOption = new ArrayList<>(qcStatementTypes.size());
Set<String> currencyCodes = new HashSet<>();
boolean requireInfoFromReq = false;
for (QcStatementType m : qcStatementTypes) {
ASN1ObjectIdentifier qcStatementId = new ASN1ObjectIdentifier(m.getStatementId().getValue());
QcStatementOption qcStatementOption;
QcStatementValueType statementValue = m.getStatementValue();
if (statementValue == null) {
QCStatement qcStatment = new QCStatement(qcStatementId);
qcStatementOption = new QcStatementOption(qcStatment);
} else if (statementValue.getQcRetentionPeriod() != null) {
QCStatement qcStatment = new QCStatement(qcStatementId, new ASN1Integer(statementValue.getQcRetentionPeriod()));
qcStatementOption = new QcStatementOption(qcStatment);
} else if (statementValue.getConstant() != null) {
ASN1Encodable constantStatementValue;
try {
constantStatementValue = new ASN1StreamParser(statementValue.getConstant().getValue()).readObject();
} catch (IOException ex) {
throw new CertprofileException("can not parse the constant value of QcStatement");
}
QCStatement qcStatment = new QCStatement(qcStatementId, constantStatementValue);
qcStatementOption = new QcStatementOption(qcStatment);
} else if (statementValue.getQcEuLimitValue() != null) {
QcEuLimitValueType euLimitType = statementValue.getQcEuLimitValue();
String tmpCurrency = euLimitType.getCurrency().toUpperCase();
if (currencyCodes.contains(tmpCurrency)) {
throw new CertprofileException("Duplicated definition of qcStatments with QCEuLimitValue" + " for the currency " + tmpCurrency);
}
Iso4217CurrencyCode currency = StringUtil.isNumber(tmpCurrency) ? new Iso4217CurrencyCode(Integer.parseInt(tmpCurrency)) : new Iso4217CurrencyCode(tmpCurrency);
Range2Type r1 = euLimitType.getAmount();
Range2Type r2 = euLimitType.getExponent();
if (r1.getMin() == r1.getMax() && r2.getMin() == r2.getMax()) {
MonetaryValue monetaryValue = new MonetaryValue(currency, r1.getMin(), r2.getMin());
QCStatement qcStatement = new QCStatement(qcStatementId, monetaryValue);
qcStatementOption = new QcStatementOption(qcStatement);
} else {
MonetaryValueOption monetaryValueOption = new MonetaryValueOption(currency, r1, r2);
qcStatementOption = new QcStatementOption(qcStatementId, monetaryValueOption);
requireInfoFromReq = true;
}
currencyCodes.add(tmpCurrency);
} else if (statementValue.getPdsLocations() != null) {
ASN1EncodableVector vec = new ASN1EncodableVector();
for (PdsLocationType pl : statementValue.getPdsLocations().getPdsLocation()) {
ASN1EncodableVector vec2 = new ASN1EncodableVector();
vec2.add(new DERIA5String(pl.getUrl()));
String lang = pl.getLanguage();
if (lang.length() != 2) {
throw new RuntimeException("invalid language '" + lang + "'");
}
vec2.add(new DERPrintableString(lang));
DERSequence seq = new DERSequence(vec2);
vec.add(seq);
}
QCStatement qcStatement = new QCStatement(qcStatementId, new DERSequence(vec));
qcStatementOption = new QcStatementOption(qcStatement);
} else {
throw new RuntimeException("unknown value of qcStatment");
}
this.qcStatementsOption.add(qcStatementOption);
}
if (requireInfoFromReq) {
return;
}
ASN1EncodableVector vec = new ASN1EncodableVector();
for (QcStatementOption m : qcStatementsOption) {
if (m.getStatement() == null) {
throw new RuntimeException("should not reach here");
}
vec.add(m.getStatement());
}
ASN1Sequence seq = new DERSequence(vec);
qcStatments = new ExtensionValue(extensionControls.get(type).isCritical(), seq);
qcStatementsOption = null;
}
Also used :
QCStatement(org.bouncycastle.asn1.x509.qualified.QCStatement)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
Iso4217CurrencyCode(org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode)
QcStatements(org.xipki.ca.certprofile.x509.jaxb.QcStatements)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERSequence(org.bouncycastle.asn1.DERSequence)
ExtensionValue(org.xipki.ca.api.profile.ExtensionValue)
CertprofileException(org.xipki.ca.api.profile.CertprofileException)
Range2Type(org.xipki.ca.certprofile.x509.jaxb.Range2Type)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
HashSet(java.util.HashSet)
ASN1StreamParser(org.bouncycastle.asn1.ASN1StreamParser)
QcStatementValueType(org.xipki.ca.certprofile.x509.jaxb.QcStatementValueType)
MonetaryValue(org.bouncycastle.asn1.x509.qualified.MonetaryValue)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
IOException(java.io.IOException)
PdsLocationType(org.xipki.ca.certprofile.x509.jaxb.PdsLocationType)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
QcStatementType(org.xipki.ca.certprofile.x509.jaxb.QcStatementType)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
QcEuLimitValueType(org.xipki.ca.certprofile.x509.jaxb.QcEuLimitValueType)
Example 2 with ASN1StreamParser
use of com.github.zhenwei.core.asn1.ASN1StreamParser in project xipki by xipki.
the class ExtensionsChecker method buildConstantExtesions.
// method getExtensionValue
public static Map<ASN1ObjectIdentifier, QaExtensionValue> buildConstantExtesions(ExtensionsType extensionsType) throws CertprofileException {
if (extensionsType == null) {
return null;
}
Map<ASN1ObjectIdentifier, QaExtensionValue> map = new HashMap<>();
for (ExtensionType m : extensionsType.getExtension()) {
if (m.getValue() == null || !(m.getValue().getAny() instanceof ConstantExtValue)) {
continue;
}
ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(m.getType().getValue());
if (Extension.subjectAlternativeName.equals(oid) || Extension.subjectInfoAccess.equals(oid) || Extension.biometricInfo.equals(oid)) {
continue;
}
ConstantExtValue extConf = (ConstantExtValue) m.getValue().getAny();
byte[] encodedValue = extConf.getValue();
ASN1StreamParser parser = new ASN1StreamParser(encodedValue);
try {
parser.readObject();
} catch (IOException ex) {
throw new CertprofileException("could not parse the constant extension value", ex);
}
QaExtensionValue extension = new QaExtensionValue(m.isCritical(), encodedValue);
map.put(oid, extension);
}
if (CollectionUtil.isEmpty(map)) {
return null;
}
return Collections.unmodifiableMap(map);
}
Also used :
QaExtensionValue(org.xipki.ca.qa.internal.QaExtensionValue)
HashMap(java.util.HashMap)
CertprofileException(org.xipki.ca.api.profile.CertprofileException)
ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType)
IOException(java.io.IOException)
ConstantExtValue(org.xipki.ca.certprofile.x509.jaxb.ConstantExtValue)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
ASN1StreamParser(org.bouncycastle.asn1.ASN1StreamParser)
Example 3 with ASN1StreamParser
use of com.github.zhenwei.core.asn1.ASN1StreamParser in project xipki by xipki.
the class X509CertprofileQa method buildConstantExtesions.
public static Map<ASN1ObjectIdentifier, QaExtensionValue> buildConstantExtesions(ExtensionsType extensionsType) throws CertprofileException {
if (extensionsType == null) {
return null;
}
Map<ASN1ObjectIdentifier, QaExtensionValue> map = new HashMap<>();
for (ExtensionType m : extensionsType.getExtension()) {
if (m.getValue() == null || !(m.getValue().getAny() instanceof ConstantExtValue)) {
continue;
}
ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(m.getType().getValue());
if (Extension.subjectAlternativeName.equals(oid) || Extension.subjectInfoAccess.equals(oid) || Extension.biometricInfo.equals(oid)) {
continue;
}
ConstantExtValue extConf = (ConstantExtValue) m.getValue().getAny();
byte[] encodedValue = extConf.getValue();
ASN1StreamParser parser = new ASN1StreamParser(encodedValue);
try {
parser.readObject();
} catch (IOException ex) {
throw new CertprofileException("could not parse the constant extension value", ex);
}
QaExtensionValue extension = new QaExtensionValue(m.isCritical(), encodedValue);
map.put(oid, extension);
}
if (CollectionUtil.isEmpty(map)) {
return null;
}
return Collections.unmodifiableMap(map);
}
Also used :
QaExtensionValue(org.xipki.ca.qa.internal.QaExtensionValue)
HashMap(java.util.HashMap)
CertprofileException(org.xipki.ca.api.profile.CertprofileException)
ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType)
IOException(java.io.IOException)
ConstantExtValue(org.xipki.ca.certprofile.x509.jaxb.ConstantExtValue)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
ASN1StreamParser(org.bouncycastle.asn1.ASN1StreamParser)
Example 4 with ASN1StreamParser
use of com.github.zhenwei.core.asn1.ASN1StreamParser in project xipki by xipki.
the class XmlX509CertprofileUtil method buildConstantExtesions.
// method buildExtKeyUsageOptions
public static Map<ASN1ObjectIdentifier, ExtensionValue> buildConstantExtesions(ExtensionsType extensionsType) throws CertprofileException {
if (extensionsType == null) {
return null;
}
Map<ASN1ObjectIdentifier, ExtensionValue> map = new HashMap<>();
for (ExtensionType m : extensionsType.getExtension()) {
ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(m.getType().getValue());
if (Extension.subjectAlternativeName.equals(oid) || Extension.subjectInfoAccess.equals(oid) || Extension.biometricInfo.equals(oid)) {
continue;
}
if (m.getValue() == null || !(m.getValue().getAny() instanceof ConstantExtValue)) {
continue;
}
ConstantExtValue extConf = (ConstantExtValue) m.getValue().getAny();
byte[] encodedValue = extConf.getValue();
ASN1StreamParser parser = new ASN1StreamParser(encodedValue);
ASN1Encodable value;
try {
value = parser.readObject();
} catch (IOException ex) {
throw new CertprofileException("could not parse the constant extension value", ex);
}
ExtensionValue extension = new ExtensionValue(m.isCritical(), value);
map.put(oid, extension);
}
if (CollectionUtil.isEmpty(map)) {
return null;
}
return Collections.unmodifiableMap(map);
}
Also used :
ExtensionValue(org.xipki.ca.api.profile.ExtensionValue)
HashMap(java.util.HashMap)
CertprofileException(org.xipki.ca.api.profile.CertprofileException)
ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
IOException(java.io.IOException)
ConstantExtValue(org.xipki.ca.certprofile.x509.jaxb.ConstantExtValue)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
ASN1StreamParser(org.bouncycastle.asn1.ASN1StreamParser)
Example 5 with ASN1StreamParser
use of com.github.zhenwei.core.asn1.ASN1StreamParser in project LinLong-Java by zhenwei1108.
the class CMSSignedDataParser method replaceCertificatesAndCRLs.
/**
* Replace the certificate and CRL information associated with this CMSSignedData object with the
* new one passed in.
* <p>
* The output stream is returned unclosed.
* </p>
*
* @param original the signed data stream to be used as a base.
* @param certs new certificates to be used, if any.
* @param crls new CRLs to be used, if any.
* @param attrCerts new attribute certificates to be used, if any.
* @param out the stream to write the new signed data object to.
* @return out.
* @throws CMSException if there is an error processing the CertStore
*/
public static OutputStream replaceCertificatesAndCRLs(InputStream original, Store certs, Store crls, Store attrCerts, OutputStream out) throws CMSException, IOException {
ASN1StreamParser in = new ASN1StreamParser(original);
ContentInfoParser contentInfo = new ContentInfoParser((ASN1SequenceParser) in.readObject());
SignedDataParser signedData = SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
BERSequenceGenerator sGen = new BERSequenceGenerator(out);
sGen.addObject(CMSObjectIdentifiers.signedData);
BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
// version number
sigGen.addObject(signedData.getVersion());
// digests
sigGen.getRawOutputStream().write(signedData.getDigestAlgorithms().toASN1Primitive().getEncoded());
// encap content info
ContentInfoParser encapContentInfo = signedData.getEncapContentInfo();
BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
eiGen.addObject(encapContentInfo.getContentType());
pipeEncapsulatedOctetString(encapContentInfo, eiGen.getRawOutputStream());
eiGen.close();
//
// skip existing certs and CRLs
//
getASN1Set(signedData.getCertificates());
getASN1Set(signedData.getCrls());
//
if (certs != null || attrCerts != null) {
List certificates = new ArrayList();
if (certs != null) {
certificates.addAll(CMSUtils.getCertificatesFromStore(certs));
}
if (attrCerts != null) {
certificates.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
}
ASN1Set asn1Certs = CMSUtils.createBerSetFromList(certificates);
if (asn1Certs.size() > 0) {
sigGen.getRawOutputStream().write(new DERTaggedObject(false, 0, asn1Certs).getEncoded());
}
}
if (crls != null) {
ASN1Set asn1Crls = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(crls));
if (asn1Crls.size() > 0) {
sigGen.getRawOutputStream().write(new DERTaggedObject(false, 1, asn1Crls).getEncoded());
}
}
sigGen.getRawOutputStream().write(signedData.getSignerInfos().toASN1Primitive().getEncoded());
sigGen.close();
sGen.close();
return out;
}
Also used :
ContentInfoParser(com.github.zhenwei.pkix.util.asn1.cms.ContentInfoParser)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
SignedDataParser(com.github.zhenwei.pkix.util.asn1.cms.SignedDataParser)
DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject)
BERSequenceGenerator(com.github.zhenwei.core.asn1.BERSequenceGenerator)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
ASN1StreamParser(com.github.zhenwei.core.asn1.ASN1StreamParser)
Aggregations
IOException (java.io.IOException)4
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)4
ASN1StreamParser (org.bouncycastle.asn1.ASN1StreamParser)4
CertprofileException (org.xipki.ca.api.profile.CertprofileException)4
HashMap (java.util.HashMap)3
ConstantExtValue (org.xipki.ca.certprofile.x509.jaxb.ConstantExtValue)3
ExtensionType (org.xipki.ca.certprofile.x509.jaxb.ExtensionType)3
ASN1StreamParser (com.github.zhenwei.core.asn1.ASN1StreamParser)2
BERSequenceGenerator (com.github.zhenwei.core.asn1.BERSequenceGenerator)2
ContentInfoParser (com.github.zhenwei.pkix.util.asn1.cms.ContentInfoParser)2
SignedDataParser (com.github.zhenwei.pkix.util.asn1.cms.SignedDataParser)2
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)2
ExtensionValue (org.xipki.ca.api.profile.ExtensionValue)2
QaExtensionValue (org.xipki.ca.qa.internal.QaExtensionValue)2
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)1
ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)1
DERSet (com.github.zhenwei.core.asn1.DERSet)1
DERTaggedObject (com.github.zhenwei.core.asn1.DERTaggedObject)1
ArrayList (java.util.ArrayList)1
HashSet (java.util.HashSet)1
