use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.
the class CertValues method getValue.
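/**
 * Builds the attribute that carries the full encoded certificates of the chain.
 *
 * <p>Every entry of {@code certificates} except the last one is DER-encoded,
 * re-parsed as a Bouncy Castle {@code Certificate} structure and collected into
 * one SEQUENCE, which is wrapped in a SET as the attribute value.
 *
 * @return the attribute identified by {@code identifier}
 * @throws SignerException if a chain certificate cannot be encoded; the original
 *         {@link CertificateEncodingException} is attached as the cause
 */
@Override
public Attribute getValue() throws SignerException {
    List<org.bouncycastle.asn1.x509.Certificate> certificateValues =
            new ArrayList<org.bouncycastle.asn1.x509.Certificate>();
    try {
        // The last chain entry is deliberately left out of the loop.
        // NOTE(review): presumably that entry is the trust anchor and the chain is
        // ordered signer-first; nothing here checks ordering or validity, so the
        // caller must pass an already validated chain -- confirm.
        int chainSize = certificates.length - 1;
        for (int i = 0; i < chainSize; i++) {
            X509Certificate cert = (X509Certificate) certificates[i];
            byte[] data = cert.getEncoded();
            certificateValues.add(org.bouncycastle.asn1.x509.Certificate.getInstance(data));
        }
        org.bouncycastle.asn1.x509.Certificate[] certValuesArray =
                certificateValues.toArray(new org.bouncycastle.asn1.x509.Certificate[0]);
        return new Attribute(identifier, new DERSet(new DERSequence(certValuesArray)));
    } catch (CertificateEncodingException e) {
        // Keep the original exception as the cause so the failing certificate can
        // be diagnosed from the stack trace instead of from the message alone.
        throw new SignerException(e.getMessage(), e);
    }
}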
use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.
the class CertificateRefs method getValue.
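/**
 * Builds the attribute holding one {@code OtherCertID} reference for every chain
 * entry after index 0.
 *
 * <p>Each reference combines the SHA-256 digest of the encoded certificate with an
 * {@code IssuerSerial} made of the issuer name and the certificate serial number.
 * The references are placed in one SEQUENCE, wrapped in a SET as the attribute value.
 *
 * @return the attribute identified by {@code identifier}
 * @throws SignerException if a chain certificate cannot be encoded; the original
 *         {@link CertificateEncodingException} is attached as the cause
 */
@Override
public Attribute getValue() throws SignerException {
    try {
        int chainSize = certificates.length - 1;
        // NOTE(review): an empty chain makes chainSize negative, so this allocation
        // fails with NegativeArraySizeException rather than SignerException -- confirm
        // callers never pass an empty chain.
        OtherCertID[] arrayOtherCertID = new OtherCertID[chainSize];
        for (int i = 1; i <= chainSize; i++) {
            X509Certificate cert = (X509Certificate) certificates[i];
            // The issuer name is taken from the subject of the next chain entry; the
            // last entry (root) is used as its own issuer.
            // NOTE(review): this is only correct for a chain that is ordered and was
            // validated beforehand; the code never compares it with the issuer field
            // of cert itself -- confirm the caller guarantees that.
            X509Certificate issuerCert = (X509Certificate) certificates[i < chainSize ? i + 1 : i];

            Digest digest = DigestFactory.getInstance().factoryDefault();
            digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
            byte[] certHash = digest.digest(cert.getEncoded());

            X500Name dirName = new JcaX509CertificateHolder(issuerCert).getSubject();
            GeneralNames issuer = new GeneralNames(new GeneralName(dirName));
            ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
            IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);

            // The declared algorithm must stay in step with the digest configured
            // above, otherwise verifiers recompute the hash with the wrong algorithm.
            AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
            arrayOtherCertID[i - 1] = new OtherCertID(algId, certHash, issuerSerial);
        }
        return new Attribute(identifier, new DERSet(new ASN1Encodable[] { new DERSequence(arrayOtherCertID) }));
    } catch (CertificateEncodingException e) {
        // Chain the original exception instead of keeping only its message.
        throw new SignerException(e.getMessage(), e);
    }
}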
use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.
the class EscTimeStamp method getValue.
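/**
 * Requests a time stamp from the configured generator and wraps it as an attribute.
 *
 * <p>The generator is initialised with the content, private key, certificate chain
 * and hash, asked for a time stamp, and the returned bytes are passed to
 * {@code validateTimeStamp} before they are parsed as ASN.1 and placed in a SET.
 *
 * @return the attribute identified by {@code identifier}
 * @throws SignerException if no time stamp generator is configured
 * @throws UnsupportedOperationException if a {@link SecurityException} or
 *         {@link IOException} occurs while the time stamp is obtained or parsed;
 *         that exception is attached as the cause
 */
@Override
public Attribute getValue() throws SignerException {
    try {
        logger.info(cadesMessagesBundle.getString("info.tsa.connecting"));
        if (timeStampGenerator == null) {
            throw new SignerException(cadesMessagesBundle.getString("error.tsa.not.found"));
        }
        // Initialise the values used for the time stamp.
        timeStampGenerator.initialize(content, privateKey, certificates, hash);
        // Obtain the time stamp from the TSA server.
        byte[] response = timeStampGenerator.generateTimeStamp();
        // Validate the returned time stamp before its bytes are parsed and embedded;
        // this call has to stay ahead of fromByteArray.
        timeStampGenerator.validateTimeStamp(content, response, hash);
        return new Attribute(identifier, new DERSet(ASN1Primitive.fromByteArray(response)));
    } catch (SecurityException | IOException ex) {
        // The exception type and message seen by callers are unchanged, but the
        // failure is no longer discarded: a time stamp that could not be obtained or
        // parsed now carries its real cause instead of looking like a missing feature.
        throw new UnsupportedOperationException(
                cadesMessagesBundle.getString("error.not.supported", getClass().getName()), ex);
    }
}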
use of com.github.zhenwei.core.asn1.DERSet in project signer by demoiselle.
the class RevocationRefs method getValue.
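/**
 * Builds the attribute referencing the CRLs found for the certificate chain.
 *
 * <p>For every chain entry except the last, the CRLs returned by
 * {@code crlRepository} are turned into {@code CrlValidatedID} values. The nesting
 * of the value, from the inside out, is: SEQUENCE of CrlValidatedID, wrapped in a
 * SEQUENCE (CRLListID), tagged [0], wrapped in a SEQUENCE (CrlOcspRef), wrapped in
 * a SEQUENCE (CompleteRevocationRefs), wrapped in a SET.
 *
 * @return the attribute identified by {@code identifier}
 * @throws SignerException if a CRL cannot be processed; the original
 *         {@link CRLException} is attached as the cause
 */
@Override
public Attribute getValue() throws SignerException {
    try {
        int chainSize = certificates.length - 1;
        ArrayList<CrlValidatedID> crls = new ArrayList<CrlValidatedID>();
        for (int ix = 0; ix < chainSize; ix++) {
            X509Certificate cert = (X509Certificate) certificates[ix];
            // NOTE(review): when the repository yields no CRL for a certificate, no
            // reference is added and no error is raised here -- confirm that missing
            // revocation data is rejected elsewhere.
            Collection<ICPBR_CRL> icpCrls = crlRepository.getX509CRL(cert);
            for (ICPBR_CRL icpCrl : icpCrls) {
                crls.add(makeCrlValidatedID(icpCrl.getCRL()));
            }
        }
        CrlValidatedID[] crlsForId = crls.toArray(new CrlValidatedID[0]);

        // CRLListID: a SEQUENCE containing the SEQUENCE of CrlValidatedID.
        DERSequence crlValidatedIDSeq = new DERSequence(crlsForId);
        DERSequence crlListID = new DERSequence(new ASN1Encodable[] { crlValidatedIDSeq });
        // CrlOcspRef: carries the CRL list under context tag [0].
        DERTaggedObject crlListIDTagged = new DERTaggedObject(0, crlListID);
        DERSequence crlOcspRef = new DERSequence(new ASN1Encodable[] { crlListIDTagged });
        // CompleteRevocationRefs: a SEQUENCE holding the single CrlOcspRef built above.
        DERSequence completeRevocationRefs = new DERSequence(new ASN1Encodable[] { crlOcspRef });
        return new Attribute(identifier, new DERSet(completeRevocationRefs));
    } catch (CRLException e) {
        // Chain the original exception instead of keeping only its message.
        throw new SignerException(e.getMessage(), e);
    }
}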
use of com.github.zhenwei.core.asn1.DERSet in project airlift by airlift.
the class TestCertificationRequest method test.
/**
 * Checks that a {@code CertificationRequest} exposes the values it was built from and
 * encodes to the same bytes as the equivalent Bouncy Castle PKCS#10 request.
 */
@Test
public void test() throws Exception {
    // Only a single-attribute subject is used: per the original author, BC encodes
    // every other value as UTF8String where the JDK uses PrintableString.
    String subject = "C=country";

    // Fresh P-256 key pair for signing the request.
    KeyPairGenerator ecGenerator = KeyPairGenerator.getInstance("EC");
    ecGenerator.initialize(new ECGenParameterSpec("secp256r1"));
    KeyPair keys = ecGenerator.generateKeyPair();

    CertificationRequestInfo requestInfo = new CertificationRequestInfo(new X500Principal(subject), keys.getPublic());
    SignatureAlgorithmIdentifier algorithmId = findSignatureAlgorithmIdentifier("SHA256withECDSA");
    byte[] signatureBytes = requestInfo.sign(algorithmId, keys.getPrivate());
    CertificationRequest request = new CertificationRequest(requestInfo, algorithmId, signatureBytes);

    // Accessors return what the request was constructed with.
    assertEquals(request.getCertificationRequestInfo(), requestInfo);
    assertEquals(request.getSignatureAlgorithmIdentifier(), algorithmId);
    assertEquals(base16().encode(request.getSignature()), base16().encode(signatureBytes));

    // equals and hashCode are stable on the same instance.
    assertEquals(request, request);
    assertEquals(request.hashCode(), request.hashCode());

    // Reference encoding built with Bouncy Castle from the same inputs and the same signature.
    org.bouncycastle.asn1.pkcs.CertificationRequestInfo bcRequestInfo =
            new org.bouncycastle.asn1.pkcs.CertificationRequestInfo(
                    new X500Name(subject),
                    SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded()),
                    new DERSet());
    org.bouncycastle.asn1.pkcs.CertificationRequest bcRequest =
            new org.bouncycastle.asn1.pkcs.CertificationRequest(
                    bcRequestInfo,
                    new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withECDSA"),
                    new DERBitString(signatureBytes));
    PKCS10CertificationRequest expectedRequest = new PKCS10CertificationRequest(bcRequest);

    assertEquals(base16().encode(request.getEncoded()), base16().encode(expectedRequest.getEncoded()));
}