use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.
the class RevocationValues method getValue.
@Override
public Attribute getValue() throws SignerException {
List<X509CRL> crlList = new ArrayList<X509CRL>();
ArrayList<CertificateList> crlVals = new ArrayList<CertificateList>();
List<BasicOCSPResponse> ocspVals = new ArrayList<BasicOCSPResponse>();
try {
int chainSize = certificates.length - 1;
for (int ix = 0; ix < chainSize; ix++) {
X509Certificate cert = (X509Certificate) certificates[ix];
Collection<ICPBR_CRL> icpCrls = crlRepository.getX509CRL(cert);
for (ICPBR_CRL icpCrl : icpCrls) {
crlList.add(icpCrl.getCRL());
}
}
if (crlList.isEmpty()) {
throw new SignerException(cadesMessagesBundle.getString("error.crl.list.empty"));
} else {
for (X509CRL varCrl : crlList) {
crlVals.add(CertificateList.getInstance(varCrl.getEncoded()));
}
}
CertificateList[] crlValuesArray = new CertificateList[crlVals.size()];
BasicOCSPResponse[] ocspValuesArray = new BasicOCSPResponse[ocspVals.size()];
// org.bouncycastle.asn1.esf.RevocationValues revocationVals = new org.bouncycastle.asn1.esf.RevocationValues(crlVals.toArray(crlValuesArray), null, null);
return new Attribute(identifier, new DERSet(new DERSequence(crlVals.toArray(crlValuesArray))));
} catch (Exception e) {
throw new SignerException(e.getMessage());
}
}
use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.
the class SigningCertificateV2 method getValue.
@Override
public Attribute getValue() throws SignerException {
try {
X509Certificate cert = (X509Certificate) certificates[0];
X509Certificate issuerCert = (X509Certificate) certificates[1];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
byte[] certHash = digest.digest(cert.getEncoded());
X500Name dirName = new JcaX509CertificateHolder(issuerCert).getSubject();
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
// SHA-256
AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
org.bouncycastle.asn1.ess.SigningCertificateV2 signingCertificateV2 = new org.bouncycastle.asn1.ess.SigningCertificateV2(essCertIDv2);
return new Attribute(identifier, new DERSet(signingCertificateV2));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
use of com.github.zhenwei.core.asn1.DERSet in project jruby-openssl by jruby.
the class X509Attribute method toASN1.
ASN1Primitive toASN1(final ThreadContext context) {
ASN1EncodableVector v1 = new ASN1EncodableVector();
v1.add(getTypeID());
if (value instanceof ASN1.Constructive) {
v1.add(((ASN1.Constructive) value).toASN1(context));
} else {
ASN1EncodableVector v2 = new ASN1EncodableVector();
v2.add(((ASN1.ASN1Data) value).toASN1(context));
v1.add(new DERSet(v2));
}
return new DLSequence(v1);
}
use of com.github.zhenwei.core.asn1.DERSet in project airlift by airlift.
the class TestCertificationRequestInfo method test.
@Test
public void test() throws Exception {
// test only with state because BC encodes every other value using UTF8String instead of PrintableString used by the JDK
String name = "C=country";
KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
generator.initialize(new ECGenParameterSpec("secp256r1"));
KeyPair keyPair = generator.generateKeyPair();
CertificationRequestInfo actualInfo = new CertificationRequestInfo(new X500Principal(name), keyPair.getPublic());
assertEquals(actualInfo.getPublicKey(), keyPair.getPublic());
assertEquals(actualInfo.getSubject().getName(), name);
assertEquals(actualInfo, actualInfo);
assertEquals(actualInfo.hashCode(), actualInfo.hashCode());
org.bouncycastle.asn1.pkcs.CertificationRequestInfo expectedInfo = new org.bouncycastle.asn1.pkcs.CertificationRequestInfo(new X500Name(name), SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()), new DERSet());
assertEquals(base16().encode(actualInfo.getEncoded()), base16().encode(expectedInfo.getEncoded("DER")));
SignatureAlgorithmIdentifier signatureAlgorithmIdentifier = findSignatureAlgorithmIdentifier("SHA256withECDSA");
byte[] actualSignature = actualInfo.sign(signatureAlgorithmIdentifier, keyPair.getPrivate());
Signature signature = Signature.getInstance(signatureAlgorithmIdentifier.getName());
signature.initVerify(keyPair.getPublic());
signature.update(actualInfo.getEncoded());
assertTrue(signature.verify(actualSignature));
}
use of com.github.zhenwei.core.asn1.DERSet in project LinLong-Java by zhenwei1108.
the class CMSAuthenticatedDataStreamGenerator method open.
/**
* generate an authenticated data structure with the encapsulated bytes marked as type dataType.
*
* @param dataType the type of the data been written to the object.
* @param out the stream to store the authenticated structure in.
* @param macCalculator calculator for the MAC to be attached to the data.
* @param digestCalculator calculator for computing digest of the encapsulated data.
*/
public OutputStream open(ASN1ObjectIdentifier dataType, OutputStream out, MacCalculator macCalculator, DigestCalculator digestCalculator) throws CMSException {
this.macCalculator = macCalculator;
try {
ASN1EncodableVector recipientInfos = new ASN1EncodableVector();
for (Iterator it = recipientInfoGenerators.iterator(); it.hasNext(); ) {
RecipientInfoGenerator recipient = (RecipientInfoGenerator) it.next();
recipientInfos.add(recipient.generate(macCalculator.getKey()));
}
//
// ContentInfo
//
BERSequenceGenerator cGen = new BERSequenceGenerator(out);
cGen.addObject(CMSObjectIdentifiers.authenticatedData);
//
// Authenticated Data
//
BERSequenceGenerator authGen = new BERSequenceGenerator(cGen.getRawOutputStream(), 0, true);
authGen.addObject(new ASN1Integer(AuthenticatedData.calculateVersion(originatorInfo)));
if (originatorInfo != null) {
authGen.addObject(new DERTaggedObject(false, 0, originatorInfo));
}
if (berEncodeRecipientSet) {
authGen.getRawOutputStream().write(new BERSet(recipientInfos).getEncoded());
} else {
authGen.getRawOutputStream().write(new DERSet(recipientInfos).getEncoded());
}
AlgorithmIdentifier macAlgId = macCalculator.getAlgorithmIdentifier();
authGen.getRawOutputStream().write(macAlgId.getEncoded());
if (digestCalculator != null) {
authGen.addObject(new DERTaggedObject(false, 1, digestCalculator.getAlgorithmIdentifier()));
}
BERSequenceGenerator eiGen = new BERSequenceGenerator(authGen.getRawOutputStream());
eiGen.addObject(dataType);
OutputStream octetStream = CMSUtils.createBEROctetOutputStream(eiGen.getRawOutputStream(), 0, true, bufferSize);
OutputStream mOut;
if (digestCalculator != null) {
mOut = new TeeOutputStream(octetStream, digestCalculator.getOutputStream());
} else {
mOut = new TeeOutputStream(octetStream, macCalculator.getOutputStream());
}
return new CmsAuthenticatedDataOutputStream(macCalculator, digestCalculator, dataType, mOut, cGen, authGen, eiGen);
} catch (IOException e) {
throw new CMSException("exception decoding algorithm parameters.", e);
}
}
Aggregations