Examples with DERSequence com.github.zhenwei.core.asn1.DERSequence used on opensource projects

Search in sources :

Example 6 with DERSequence

use of com.github.zhenwei.core.asn1.DERSequence in project openicf by Evolveum.

the class BouncyCastlePEUtilities method getPassword.

public String getPassword(byte[] envelope) {
    ASN1InputStream aIn = null;
    try {
        aIn = new ASN1InputStream(envelope);
        Object o = null;
        DEROctetString oString = null;
        while ((o = aIn.readObject()) != null) {
            if (o instanceof DERSequence) {
                // identifier (1.2.840.113549.1.7.1)
                DERSequence seq = (DERSequence) o;
                if (seq.size() >= 2 && seq.getObjectAt(0) instanceof DERObjectIdentifier && "1.2.840.113549.1.7.1".equals(((DERObjectIdentifier) seq.getObjectAt(0)).getId())) {
                    if (seq.getObjectAt(1) instanceof DERTaggedObject && ((DERTaggedObject) seq.getObjectAt(1)).getObject() instanceof DEROctetString) {
                        oString = (DEROctetString) ((DERTaggedObject) seq.getObjectAt(1)).getObject();
                        break;
                    }
                }
            }
        }
        aIn.close();
        aIn = null;
        String pw = null;
        if (oString != null) {
            aIn = new ASN1InputStream(oString.getOctets());
            DERSequence seq = (DERSequence) aIn.readObject();
            if (seq.getObjectAt(2) instanceof DERUTF8String) {
                pw = ((DERUTF8String) seq.getObjectAt(2)).getString();
            }
            aIn.close();
            aIn = null;
        }
        return pw;
    } catch (IOException e) {
        try {
            if (aIn != null)
                aIn.close();
        } catch (IOException e2) {
        }
        throw ConnectorException.wrap(e);
    }
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERSequence(org.bouncycastle.asn1.DERSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DEROctetString(org.bouncycastle.asn1.DEROctetString) IOException(java.io.IOException) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Example 7 with DERSequence

use of com.github.zhenwei.core.asn1.DERSequence in project bundletool by google.

the class CertificateFactory method buildSelfSignedCertificateDerEncoded.

/**
 * Builds a self-signed certificate.
 *
 * @return the DER-encoded certificate.
 */
private static byte[] buildSelfSignedCertificateDerEncoded(KeyPair keyPair, String distinguishedName, String signatureAlgorithm) {
    X500Principal principal = new X500Principal(distinguishedName);
    // Default is 30 years. Fields are ignored by Android framework anyway (as of Jan 2017).
    Instant notBefore = Instant.now();
    Instant notAfter = notBefore.atOffset(ZoneOffset.UTC).plusYears(30).toInstant();
    SecureRandom rng = new SecureRandom();
    try {
        return new JcaX509v3CertificateBuilder(principal, /* issuer */
        generateRandomSerialNumber(rng), new Date(notBefore.toEpochMilli()), new Date(notAfter.toEpochMilli()), principal, /* subject */
        keyPair.getPublic()).addExtension(new ASN1ObjectIdentifier(BASIC_CONSTRAINTS_EXTENSION), false, new DERSequence(ASN1Boolean.TRUE)).build(new JcaContentSignerBuilder(signatureAlgorithm).build(keyPair.getPrivate())).getEncoded();
    } catch (IOException e) {
        throw new UncheckedIOException(e);
    } catch (OperatorCreationException e) {
        throw new RuntimeException(e);
    }
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) Instant(java.time.Instant) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) X500Principal(javax.security.auth.x500.X500Principal) SecureRandom(java.security.SecureRandom) UncheckedIOException(java.io.UncheckedIOException) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) Date(java.util.Date) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 8 with DERSequence

use of com.github.zhenwei.core.asn1.DERSequence in project axelor-open-suite by axelor.

the class X509Generator method getAuthorityKeyIdentifier.

/**
 * Returns the <code>AuthorityKeyIdentifier</code> corresponding to a given <code>PublicKey</code>
 *
 * @param publicKey the given public key
 * @param issuer the certificate issuer
 * @param serial the certificate serial number
 * @return the authority key identifier of the public key
 * @throws IOException
 */
private AuthorityKeyIdentifier getAuthorityKeyIdentifier(PublicKey publicKey, String issuer, BigInteger serial) throws IOException {
    InputStream input;
    SubjectPublicKeyInfo keyInfo;
    ASN1EncodableVector vector;
    input = new ByteArrayInputStream(publicKey.getEncoded());
    try (final ASN1InputStream is = new ASN1InputStream(input)) {
        keyInfo = SubjectPublicKeyInfo.getInstance((ASN1Sequence) is.readObject());
    }
    vector = new ASN1EncodableVector();
    vector.add(new GeneralName(new X509Name(issuer)));
    return new AuthorityKeyIdentifier(keyInfo, GeneralNames.getInstance(new DERSequence(vector)), serial);
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) X509Name(org.bouncycastle.asn1.x509.X509Name) DERSequence(org.bouncycastle.asn1.DERSequence) ByteArrayInputStream(java.io.ByteArrayInputStream) ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) AuthorityKeyIdentifier(org.bouncycastle.asn1.x509.AuthorityKeyIdentifier) GeneralName(org.bouncycastle.asn1.x509.GeneralName) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)

Example 9 with DERSequence

use of com.github.zhenwei.core.asn1.DERSequence in project itext2 by albfernandez.

the class PdfPKCS7 method getEncodedPKCS7.

/**
 * Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes
 * in the signerInfo can also be set, OR a time-stamp-authority client
 * may be provided.
 * @param secondDigest the digest in the authenticatedAttributes
 * @param signingTime the signing time in the authenticatedAttributes
 * @param tsaClient TSAClient - null or an optional time stamp authority client
 * @return byte[] the bytes for the PKCS7SignedData object
 * @since	2.1.6
 */
public byte[] getEncodedPKCS7(byte[] secondDigest, Calendar signingTime, TSAClient tsaClient, byte[] ocsp) {
    try {
        if (externalDigest != null) {
            digest = externalDigest;
            if (RSAdata != null)
                RSAdata = externalRSAdata;
        } else if (externalRSAdata != null && RSAdata != null) {
            RSAdata = externalRSAdata;
            sig.update(RSAdata);
            digest = sig.sign();
        } else {
            if (RSAdata != null) {
                RSAdata = messageDigest.digest();
                sig.update(RSAdata);
            }
            digest = sig.sign();
        }
        // Create the set of Hash algorithms
        ASN1EncodableVector digestAlgorithms = new ASN1EncodableVector();
        for (Iterator it = digestalgos.iterator(); it.hasNext(); ) {
            ASN1EncodableVector algos = new ASN1EncodableVector();
            algos.add(new ASN1ObjectIdentifier((String) it.next()));
            algos.add(DERNull.INSTANCE);
            digestAlgorithms.add(new DERSequence(algos));
        }
        // Create the contentInfo.
        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(new ASN1ObjectIdentifier(ID_PKCS7_DATA));
        if (RSAdata != null)
            v.add(new DERTaggedObject(0, new DEROctetString(RSAdata)));
        DERSequence contentinfo = new DERSequence(v);
        // Get all the certificates
        // 
        v = new ASN1EncodableVector();
        for (Iterator i = certs.iterator(); i.hasNext(); ) {
            ASN1InputStream tempstream = new ASN1InputStream(new ByteArrayInputStream(((X509Certificate) i.next()).getEncoded()));
            v.add(tempstream.readObject());
        }
        DERSet dercertificates = new DERSet(v);
        // Create signerinfo structure.
        // 
        ASN1EncodableVector signerinfo = new ASN1EncodableVector();
        // Add the signerInfo version
        // 
        signerinfo.add(new ASN1Integer(signerversion));
        v = new ASN1EncodableVector();
        v.add(getIssuer(signCert.getTBSCertificate()));
        v.add(new ASN1Integer(signCert.getSerialNumber()));
        signerinfo.add(new DERSequence(v));
        // Add the digestAlgorithm
        v = new ASN1EncodableVector();
        v.add(new ASN1ObjectIdentifier(digestAlgorithm));
        v.add(DERNull.INSTANCE);
        signerinfo.add(new DERSequence(v));
        // add the authenticated attribute if present
        if (secondDigest != null && signingTime != null) {
            signerinfo.add(new DERTaggedObject(false, 0, getAuthenticatedAttributeSet(secondDigest, signingTime, ocsp)));
        }
        // Add the digestEncryptionAlgorithm
        v = new ASN1EncodableVector();
        v.add(new ASN1ObjectIdentifier(digestEncryptionAlgorithm));
        v.add(DERNull.INSTANCE);
        signerinfo.add(new DERSequence(v));
        // Add the digest
        signerinfo.add(new DEROctetString(digest));
        // Sam found Adobe expects time-stamped SHA1-1 of the encrypted digest
        if (tsaClient != null) {
            byte[] tsImprint = MessageDigest.getInstance("SHA-1").digest(digest);
            byte[] tsToken = tsaClient.getTimeStampToken(this, tsImprint);
            if (tsToken != null) {
                ASN1EncodableVector unauthAttributes = buildUnauthenticatedAttributes(tsToken);
                if (unauthAttributes != null) {
                    signerinfo.add(new DERTaggedObject(false, 1, new DERSet(unauthAttributes)));
                }
            }
        }
        // Finally build the body out of all the components above
        ASN1EncodableVector body = new ASN1EncodableVector();
        body.add(new ASN1Integer(version));
        body.add(new DERSet(digestAlgorithms));
        body.add(contentinfo);
        body.add(new DERTaggedObject(false, 0, dercertificates));
        if (!crls.isEmpty()) {
            v = new ASN1EncodableVector();
            for (Iterator i = crls.iterator(); i.hasNext(); ) {
                ASN1InputStream t = new ASN1InputStream(new ByteArrayInputStream(((X509CRL) i.next()).getEncoded()));
                v.add(t.readObject());
            }
            DERSet dercrls = new DERSet(v);
            body.add(new DERTaggedObject(false, 1, dercrls));
        }
        // Only allow one signerInfo
        body.add(new DERSet(new DERSequence(signerinfo)));
        // Now we have the body, wrap it in it's PKCS7Signed shell
        // and return it
        // 
        ASN1EncodableVector whole = new ASN1EncodableVector();
        whole.add(new ASN1ObjectIdentifier(ID_PKCS7_SIGNED_DATA));
        whole.add(new DERTaggedObject(0, new DERSequence(body)));
        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        ASN1OutputStream dout = ASN1OutputStream.create(bOut);
        dout.writeObject(new DERSequence(whole));
        dout.close();
        return bOut.toByteArray();
    } catch (Exception e) {
        throw new ExceptionConverter(e);
    }
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) X509CRL(java.security.cert.X509CRL) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1String(org.bouncycastle.asn1.ASN1String) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ASN1OutputStream(org.bouncycastle.asn1.ASN1OutputStream) DERSet(org.bouncycastle.asn1.DERSet) DEROctetString(org.bouncycastle.asn1.DEROctetString) X509Certificate(java.security.cert.X509Certificate) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CertificateParsingException(java.security.cert.CertificateParsingException) IOException(java.io.IOException) NoSuchProviderException(java.security.NoSuchProviderException) ExceptionConverter(com.lowagie.text.ExceptionConverter) DERSequence(org.bouncycastle.asn1.DERSequence) ByteArrayInputStream(java.io.ByteArrayInputStream) Iterator(java.util.Iterator) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 10 with DERSequence

use of com.github.zhenwei.core.asn1.DERSequence in project attestation by TokenScript.

the class HelperTest method makeMinimalAtt.

public static Attestation makeMinimalAtt() {
    Attestation att = new Attestation();
    // Our initial version
    att.setVersion(IdentifierAttestation.HIDDEN_IDENTIFIER_VERSION);
    att.setSerialNumber(42);
    // Blank subject info
    att.setSubject("CN=");
    att.setSigningAlgorithm(IdentifierAttestation.DEFAULT_SIGNING_ALGORITHM);
    ASN1EncodableVector dataObject = new ASN1EncodableVector();
    dataObject.add(new DEROctetString("hello world".getBytes()));
    att.setDataObject(new DERSequence(dataObject));
    assertTrue(att.checkValidity());
    return att;
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Aggregations

DERSequence (org.bouncycastle.asn1.DERSequence)378 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)318 DERSequence (com.github.zhenwei.core.asn1.DERSequence)288 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)286 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)89 IOException (java.io.IOException)83 DEROctetString (org.bouncycastle.asn1.DEROctetString)78 DERTaggedObject (com.github.zhenwei.core.asn1.DERTaggedObject)60 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)60 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)57 ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)47 BigInteger (java.math.BigInteger)47 DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)44 X509Certificate (java.security.cert.X509Certificate)38 DERBitString (org.bouncycastle.asn1.DERBitString)38 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)35 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)35 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)29 DERSet (org.bouncycastle.asn1.DERSet)27 GeneralName (org.bouncycastle.asn1.x509.GeneralName)26
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial