Search in sources :

Example 11 with ASN1UTCTime

use of com.github.zhenwei.core.asn1.ASN1UTCTime in project openkeystore by cyberphone.

the class CA method getASN1Time.

private ASN1Time getASN1Time(Date date) throws IOException {
    GregorianCalendar gc = new GregorianCalendar();
    gc.setTime(date);
    if (gc.get(GregorianCalendar.YEAR) < 2050) {
        return new ASN1UTCTime(date);
    }
    return new ASN1GeneralizedTime(date);
}
Also used : GregorianCalendar(java.util.GregorianCalendar) ASN1UTCTime(org.webpki.asn1.ASN1UTCTime) ASN1GeneralizedTime(org.webpki.asn1.ASN1GeneralizedTime)

Example 12 with ASN1UTCTime

use of com.github.zhenwei.core.asn1.ASN1UTCTime in project gdmatrix by gdmatrix.

the class P7MDocument method getSignatures.

public List<P7MSignature> getSignatures() throws Exception {
    ArrayList<P7MSignature> signatures = new ArrayList();
    // CertStore certStore = cms.getCertificatesAndCRLs("Collection", "BC");
    Store certStore = cms.getCertificates();
    SignerInformationStore siStore = cms.getSignerInfos();
    Collection signers = siStore.getSigners();
    for (Object elem : signers) {
        SignerInformation signer = (SignerInformation) elem;
        P7MSignature signature = new P7MSignature();
        signatures.add(signature);
        Collection certCollection = certStore.getMatches(signer.getSID());
        // Collection certCollection = certStore.getCertificates(certSelector);
        X509CertificateHolder certificateHolder = (X509CertificateHolder) certCollection.iterator().next();
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
        signature.setCertificate(certificate);
        signature.loadProperties();
        signature.setSignature(Base64.getMimeEncoder().encodeToString(signer.getSignature()).toUpperCase());
        // **** signed attributes ****
        AttributeTable table = signer.getSignedAttributes();
        Hashtable attributes = table.toHashtable();
        // signingTime
        Attribute attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.5"));
        if (attrib != null) {
            ASN1UTCTime time = (ASN1UTCTime) attrib.getAttrValues().getObjectAt(0);
            String timeString = time.getAdjustedTime();
            SimpleDateFormat df = new SimpleDateFormat("yyyyMMddHHmmss'GMT+'00:00");
            signature.setSigningDate(df.parse(timeString));
        }
        // filename
        DEROctetString octet;
        attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.1"));
        if (attrib != null) {
            octet = (DEROctetString) attrib.getAttrValues().getObjectAt(0);
            if (octet != null) {
                signature.setFilename(new String(octet.getOctets(), "UTF-16LE"));
            }
        }
        // decretNumber
        attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.2"));
        if (attrib != null) {
            octet = (DEROctetString) attrib.getAttrValues().getObjectAt(0);
            if (octet != null) {
                signature.setDecretNumber(new String(octet.getOctets(), "UTF-16LE"));
            }
        }
        // **** unsigned attributes ****
        table = signer.getUnsignedAttributes();
        if (table != null) {
            attributes = table.toHashtable();
            // timeStampToken
            attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14"));
            if (attrib != null) {
                ASN1Sequence seq = (ASN1Sequence) attrib.getAttrValues().getObjectAt(0);
                ContentInfo timeStampToken = ContentInfo.getInstance(seq);
                SignedData sd = SignedData.getInstance(timeStampToken.getContent());
                ASN1Set certificates = sd.getCertificates();
                ASN1Primitive derCert = certificates.getObjectAt(0).toASN1Primitive();
                byte[] certBytes = derCert.getEncoded();
                CertificateFactory certFactory = CertificateFactory.getInstance("X509");
                X509Certificate tsCertificate = (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(certBytes));
                signature.setTimeStampCertificate(tsCertificate);
                ASN1Encodable content = sd.getEncapContentInfo().getContent();
                // TSTInfo tstInfo = new TSTInfo((ASN1Sequence)
                // new ASN1InputStream(((ASN1OctetString)content).getOctets()).readObject());
                TSTInfo tstInfo = TSTInfo.getInstance(((ASN1OctetString) content).getOctets());
                signature.setTimeStampDate(tstInfo.getGenTime().getDate());
            }
        }
        // signature validation
        signature.setValid(signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(signature.getCertificate())));
    }
    Collections.sort(signatures);
    return signatures;
}
Also used : Attribute(org.bouncycastle.asn1.cms.Attribute) ArrayList(java.util.ArrayList) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) Store(org.bouncycastle.util.Store) SignerInformationStore(org.bouncycastle.cms.SignerInformationStore) ASN1UTCTime(org.bouncycastle.asn1.ASN1UTCTime) SignerInformation(org.bouncycastle.cms.SignerInformation) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) CertificateFactory(java.security.cert.CertificateFactory) DEROctetString(org.bouncycastle.asn1.DEROctetString) SignerInformationStore(org.bouncycastle.cms.SignerInformationStore) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) SignedData(org.bouncycastle.asn1.cms.SignedData) CMSSignedData(org.bouncycastle.cms.CMSSignedData) Hashtable(java.util.Hashtable) JcaSimpleSignerInfoVerifierBuilder(org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder) X509Certificate(java.security.cert.X509Certificate) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) TSTInfo(org.bouncycastle.asn1.tsp.TSTInfo) ASN1Set(org.bouncycastle.asn1.ASN1Set) ByteArrayInputStream(java.io.ByteArrayInputStream) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) Collection(java.util.Collection) SimpleDateFormat(java.text.SimpleDateFormat) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 13 with ASN1UTCTime

use of com.github.zhenwei.core.asn1.ASN1UTCTime in project gdmatrix by gdmatrix.

the class CMSData method getSignatures.

public List<CMSSignature> getSignatures() throws Exception {
    ArrayList<CMSSignature> signatures = new ArrayList();
    Store certStore = cms.getCertificates();
    SignerInformationStore siStore = cms.getSignerInfos();
    Collection signers = siStore.getSigners();
    for (Object elem : signers) {
        SignerInformation signer = (SignerInformation) elem;
        CMSSignature signature = new CMSSignature();
        signatures.add(signature);
        org.bouncycastle.cms.SignerId sid = signer.getSID();
        Collection certCollection = certStore.getMatches(sid);
        X509CertificateHolder certificateHolder = (X509CertificateHolder) certCollection.iterator().next();
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
        signature.setCertificate(certificate);
        String signerName = certificate.getSubjectDN().getName();
        signature.loadProperties(signerName);
        signature.setSignature(Base64.getMimeEncoder().encodeToString(signer.getSignature()).toUpperCase());
        // **** signed attributes ****
        AttributeTable table = signer.getSignedAttributes();
        Hashtable attributes = table.toHashtable();
        // signingTime
        Attribute attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.5"));
        if (attrib != null) {
            ASN1UTCTime time = (ASN1UTCTime) attrib.getAttrValues().getObjectAt(0);
            String timeString = time.getAdjustedTime();
            SimpleDateFormat df = new SimpleDateFormat("yyyyMMddHHmmss'GMT+'00:00");
            signature.setSigningDate(df.parse(timeString));
        }
        // filename
        DEROctetString octet;
        attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.1"));
        if (attrib != null) {
            octet = (DEROctetString) attrib.getAttrValues().getObjectAt(0);
            if (octet != null) {
                signature.setFilename(new String(octet.getOctets(), "UTF-16LE"));
            }
        }
        // decretNumber
        attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.88.2.2"));
        if (attrib != null) {
            octet = (DEROctetString) attrib.getAttrValues().getObjectAt(0);
            if (octet != null) {
                signature.setDecretNumber(new String(octet.getOctets(), "UTF-16LE"));
            }
        }
        // **** unsigned attributes ****
        table = signer.getUnsignedAttributes();
        if (table != null) {
            attributes = table.toHashtable();
            // timeStampToken
            attrib = (Attribute) attributes.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14"));
            if (attrib != null) {
                DERSequence seq = (DERSequence) attrib.getAttrValues().getObjectAt(0);
                ContentInfo timeStampToken = ContentInfo.getInstance(seq);
                SignedData sd = SignedData.getInstance(timeStampToken.getContent());
                ASN1Encodable content = sd.getEncapContentInfo().getContent();
                // TSTInfo tstInfo = new TSTInfo((ASN1Sequence)
                // new ASN1InputStream(((DEROctetString)content).getOctets()).readObject());
                TSTInfo tstInfo = TSTInfo.getInstance(((ASN1OctetString) content).getOctets());
                signature.setTimeStampDate(tstInfo.getGenTime().getDate());
            }
        }
        // signature validation
        // signature.setValid(signer.verify(signature.getCertificate(), "BC"));
        signature.setValid(signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(signature.getCertificate())));
    }
    Collections.sort(signatures);
    return signatures;
}
Also used : Attribute(org.bouncycastle.asn1.cms.Attribute) ArrayList(java.util.ArrayList) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) Store(org.bouncycastle.util.Store) SignerInformationStore(org.bouncycastle.cms.SignerInformationStore) ASN1UTCTime(org.bouncycastle.asn1.ASN1UTCTime) SignerInformation(org.bouncycastle.cms.SignerInformation) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERSequence(org.bouncycastle.asn1.DERSequence) SignerInformationStore(org.bouncycastle.cms.SignerInformationStore) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) SignedData(org.bouncycastle.asn1.cms.SignedData) CMSSignedData(org.bouncycastle.cms.CMSSignedData) Hashtable(java.util.Hashtable) JcaSimpleSignerInfoVerifierBuilder(org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder) X509Certificate(java.security.cert.X509Certificate) TSTInfo(org.bouncycastle.asn1.tsp.TSTInfo) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) Collection(java.util.Collection) SimpleDateFormat(java.text.SimpleDateFormat) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 14 with ASN1UTCTime

use of com.github.zhenwei.core.asn1.ASN1UTCTime in project gdmatrix by gdmatrix.

the class CMSUtils method printAttribute.

public static void printAttribute(Attribute attribute) throws Exception {
    ASN1Set set = attribute.getAttrValues();
    ASN1Primitive der = set.getObjectAt(0).toASN1Primitive();
    System.out.println(der.getClass());
    if (der instanceof DEROctetString) {
        DEROctetString octet = (DEROctetString) der;
        byte[] data = octet.getOctets();
        System.out.println(new String(data, "UTF-16LE"));
    } else if (der instanceof ASN1UTCTime) {
        ASN1UTCTime utcTime = (ASN1UTCTime) der;
        String time = utcTime.getAdjustedTime();
        System.out.println(time);
    } else if (der instanceof ASN1ObjectIdentifier) {
        ASN1ObjectIdentifier id = (ASN1ObjectIdentifier) der;
        System.out.println(id.getId());
    }
}
Also used : ASN1Set(org.bouncycastle.asn1.ASN1Set) ASN1UTCTime(org.bouncycastle.asn1.ASN1UTCTime) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 15 with ASN1UTCTime

use of com.github.zhenwei.core.asn1.ASN1UTCTime in project ldapsdk by pingidentity.

the class X509CertificateTestCase method testDecodeVersionNotInteger.

/**
 * Tests the behavior when trying to decode a certificate with a version that
 * cannot be parsed as an integer.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test(expectedExceptions = { CertException.class })
public void testDecodeVersionNotInteger() throws Exception {
    final long notBefore = System.currentTimeMillis();
    final long notAfter = notBefore + (365L * 24L * 60L * 60L * 1000L);
    final ASN1Sequence valueSequence = new ASN1Sequence(new ASN1Sequence(new ASN1Element((byte) 0xA0), new ASN1BigInteger(12435L), new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), X509Certificate.encodeName(new DN("CN=issuer")), new ASN1Sequence(new ASN1UTCTime(notBefore), new ASN1UTCTime(notAfter)), X509Certificate.encodeName(new DN("CN=ldap.example.com")), new ASN1Sequence(new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.5")), new ASN1Null()), new ASN1BitString(new boolean[1024]))), new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), new ASN1BitString(new boolean[1024]));
    new X509Certificate(valueSequence.encode());
}
Also used : ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Element(com.unboundid.asn1.ASN1Element) ASN1UTCTime(com.unboundid.asn1.ASN1UTCTime) ASN1BigInteger(com.unboundid.asn1.ASN1BigInteger) DN(com.unboundid.ldap.sdk.DN) OID(com.unboundid.util.OID) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) ASN1BitString(com.unboundid.asn1.ASN1BitString) ASN1Null(com.unboundid.asn1.ASN1Null) Test(org.testng.annotations.Test)

Aggregations

ASN1Sequence (com.unboundid.asn1.ASN1Sequence)7 ASN1UTCTime (com.unboundid.asn1.ASN1UTCTime)7 ASN1BitString (com.unboundid.asn1.ASN1BitString)6 ASN1Element (com.unboundid.asn1.ASN1Element)6 ASN1Null (com.unboundid.asn1.ASN1Null)6 ASN1ObjectIdentifier (com.unboundid.asn1.ASN1ObjectIdentifier)6 DN (com.unboundid.ldap.sdk.DN)6 OID (com.unboundid.util.OID)6 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)6 ASN1UTCTime (org.bouncycastle.asn1.ASN1UTCTime)6 Test (org.testng.annotations.Test)6 ASN1BigInteger (com.unboundid.asn1.ASN1BigInteger)5 ASN1Integer (com.unboundid.asn1.ASN1Integer)5 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)4 X509Certificate (java.security.cert.X509Certificate)4 Attribute (org.bouncycastle.asn1.cms.Attribute)4 AttributeTable (org.bouncycastle.asn1.cms.AttributeTable)4 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)4 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)4 CMSSignedData (org.bouncycastle.cms.CMSSignedData)4