Examples with DERSet com.github.zhenwei.core.asn1.DERSet used on opensource projects

Example 26 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.

the class CertValues method getValue.

@Override
public Attribute getValue() throws SignerException {
    List<org.bouncycastle.asn1.x509.Certificate> certificateValues = new ArrayList<org.bouncycastle.asn1.x509.Certificate>();
    try {
        int chainSize = certificates.length - 1;
        for (int i = 0; i < chainSize; i++) {
            X509Certificate cert = (X509Certificate) certificates[i];
            byte[] data = cert.getEncoded();
            certificateValues.add(org.bouncycastle.asn1.x509.Certificate.getInstance(data));
        }
        org.bouncycastle.asn1.x509.Certificate[] certValuesArray = new org.bouncycastle.asn1.x509.Certificate[certificateValues.size()];
        return new Attribute(identifier, new DERSet(new DERSequence(certificateValues.toArray(certValuesArray))));
    } catch (CertificateEncodingException e) {
        throw new SignerException(e.getMessage());
    }
}

Example 27 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.

the class CertificateRefs method getValue.

@Override
public Attribute getValue() throws SignerException {
    try {
        int chainSize = certificates.length - 1;
        OtherCertID[] arrayOtherCertID = new OtherCertID[chainSize];
        for (int i = 1; i <= chainSize; i++) {
            X509Certificate issuerCert = null;
            X509Certificate cert = (X509Certificate) certificates[i];
            if (i < chainSize) {
                issuerCert = (X509Certificate) certificates[i + 1];
            } else {
                // raiz
                issuerCert = (X509Certificate) certificates[i];
            }
            Digest digest = DigestFactory.getInstance().factoryDefault();
            digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
            byte[] certHash = digest.digest(cert.getEncoded());
            // X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
            X500Name dirName = new JcaX509CertificateHolder(issuerCert).getSubject();
            GeneralName name = new GeneralName(dirName);
            GeneralNames issuer = new GeneralNames(name);
            ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
            IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
            AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
            OtherCertID otherCertID = new OtherCertID(algId, certHash, issuerSerial);
            arrayOtherCertID[i - 1] = otherCertID;
        }
        return new Attribute(identifier, new DERSet(new ASN1Encodable[] { new DERSequence(arrayOtherCertID) }));
    } catch (CertificateEncodingException e) {
        throw new SignerException(e.getMessage());
    }
}

Example 28 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.

the class EscTimeStamp method getValue.

@Override
public Attribute getValue() throws SignerException {
    try {
        logger.info(cadesMessagesBundle.getString("info.tsa.connecting"));
        if (timeStampGenerator != null) {
            // Inicializa os valores para o timestmap
            timeStampGenerator.initialize(content, privateKey, certificates, hash);
            // Obtem o carimbo de tempo atraves do servidor TSA
            byte[] response = timeStampGenerator.generateTimeStamp();
            // Valida o carimbo de tempo gerado
            timeStampGenerator.validateTimeStamp(content, response, hash);
            return new Attribute(identifier, new DERSet(ASN1Primitive.fromByteArray(response)));
        } else {
            throw new SignerException(cadesMessagesBundle.getString("error.tsa.not.found"));
        }
    } catch (SecurityException | IOException ex) {
    }
    throw new UnsupportedOperationException(cadesMessagesBundle.getString("error.not.supported", getClass().getName()));
}

Example 29 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.

the class RevocationRefs method getValue.

@Override
public Attribute getValue() throws SignerException {
    try {
        int chainSize = certificates.length - 1;
        ArrayList<CrlValidatedID> crls = new ArrayList<CrlValidatedID>();
        for (int ix = 0; ix < chainSize; ix++) {
            X509Certificate cert = (X509Certificate) certificates[ix];
            Collection<ICPBR_CRL> icpCrls = crlRepository.getX509CRL(cert);
            for (ICPBR_CRL icpCrl : icpCrls) {
                crls.add(makeCrlValidatedID(icpCrl.getCRL()));
            }
        }
        int crlsIdSize = crls.size();
        CrlValidatedID[] crlsForId = new CrlValidatedID[crlsIdSize];
        int i = 0;
        for (CrlValidatedID crlVID : crls) {
            crlsForId[i] = crlVID;
            i++;
        }
        // CrlListID crlids = new CrlListID(crlsForId);
        DERSequence crlValidatedIDSeq = new DERSequence(crlsForId);
        // --CRLListID--/
        ASN1Encodable[] crlValidatedIDSeqArr = new ASN1Encodable[1];
        crlValidatedIDSeqArr[0] = crlValidatedIDSeq;
        DERSequence crlListID = new DERSequence(crlValidatedIDSeqArr);
        // CRLListID--/
        DERTaggedObject crlListIDTagged = new DERTaggedObject(0, crlListID);
        // CrlOcspRef--/
        ASN1Encodable[] crlListIDTaggedArr = new ASN1Encodable[1];
        crlListIDTaggedArr[0] = crlListIDTagged;
        DERSequence crlOscpRef = new DERSequence(crlListIDTaggedArr);
        // --CompleteRevocationRefs--/
        ASN1Encodable[] crlOscpRefArr = new ASN1Encodable[1];
        crlOscpRefArr[0] = crlOscpRef;
        DERSequence completeRevocationRefs = new DERSequence(crlOscpRefArr);
        // CrlOcspRef crlOcspRef = new CrlOcspRef(crlids, null, null);
        return new Attribute(identifier, new DERSet(completeRevocationRefs));
    // CrlOcspRef[] crlOcspRefArray = new
    // CrlOcspRef[completeRevocationRefs.size()];
    } catch (CRLException e) {
        throw new SignerException(e.getMessage());
    }
}

Example 30 with DERSet

use of com.github.zhenwei.core.asn1.DERSet in project airlift by airlift.

the class TestCertificationRequest method test.

@Test
public void test() throws Exception {
    // test only with state because BC encodes every other value using UTF8String instead of PrintableString used by the JDK
    String name = "C=country";
    KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
    generator.initialize(new ECGenParameterSpec("secp256r1"));
    KeyPair keyPair = generator.generateKeyPair();
    CertificationRequestInfo certificationRequestInfo = new CertificationRequestInfo(new X500Principal(name), keyPair.getPublic());
    SignatureAlgorithmIdentifier signatureAlgorithmIdentifier = findSignatureAlgorithmIdentifier("SHA256withECDSA");
    byte[] signature = certificationRequestInfo.sign(signatureAlgorithmIdentifier, keyPair.getPrivate());
    CertificationRequest certificationRequest = new CertificationRequest(certificationRequestInfo, signatureAlgorithmIdentifier, signature);
    assertEquals(certificationRequest.getCertificationRequestInfo(), certificationRequestInfo);
    assertEquals(certificationRequest.getSignatureAlgorithmIdentifier(), signatureAlgorithmIdentifier);
    assertEquals(base16().encode(certificationRequest.getSignature()), base16().encode(signature));
    assertEquals(certificationRequest, certificationRequest);
    assertEquals(certificationRequest.hashCode(), certificationRequest.hashCode());
    PKCS10CertificationRequest expectedCertificationRequest = new PKCS10CertificationRequest(new org.bouncycastle.asn1.pkcs.CertificationRequest(new org.bouncycastle.asn1.pkcs.CertificationRequestInfo(new X500Name(name), SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()), new DERSet()), new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withECDSA"), new DERBitString(signature)));
    assertEquals(base16().encode(certificationRequest.getEncoded()), base16().encode(expectedCertificationRequest.getEncoded()));
}