Search in sources :

Example 1 with DERUTF8String

use of com.github.zhenwei.core.asn1.DERUTF8String in project OpenUnison by TremoloSecurity.

the class UpnExtractor method loadNTPrincipal.

private String loadNTPrincipal(X509Certificate[] certs) throws CertificateParsingException, IOException {
    X509Certificate cert = certs[0];
    Collection<List<?>> subjectAlternativeNames = cert.getSubjectAlternativeNames();
    if (subjectAlternativeNames != null && !subjectAlternativeNames.isEmpty()) {
        for (List<?> subjectAltName : subjectAlternativeNames) {
            if (((Integer) subjectAltName.get(0)) == GeneralName.otherName) {
                ASN1InputStream asn1Input = new ASN1InputStream((byte[]) subjectAltName.get(1));
                ASN1Primitive derObject = asn1Input.readObject();
                DLSequence seq = (DLSequence) derObject;
                ASN1ObjectIdentifier id = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
                if (id.getId().equals("1.3.6.1.4.1.311.20.2.3")) {
                    ASN1TaggedObject obj = (ASN1TaggedObject) seq.getObjectAt(1);
                    DERUTF8String str = null;
                    while (str == null) {
                        if (obj.getObject() instanceof DERTaggedObject) {
                            obj = (ASN1TaggedObject) obj.getObject();
                        } else if (obj.getObject() instanceof DERUTF8String) {
                            str = (DERUTF8String) obj.getObject();
                        } else {
                            asn1Input.close();
                            return null;
                        }
                    }
                    asn1Input.close();
                    return str.getString();
                }
            }
        }
    }
    return null;
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DLSequence(org.bouncycastle.asn1.DLSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) List(java.util.List) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) X509Certificate(java.security.cert.X509Certificate) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 2 with DERUTF8String

use of com.github.zhenwei.core.asn1.DERUTF8String in project ca3sCore by kuehne-trustable-de.

the class CaCmpConnector method buildCertRequest.

/**
 * @param certReqId
 * @param csr
 * @param hmacSecret
 * @return PKIMessage
 * @throws GeneralSecurityException
 */
public PKIMessage buildCertRequest(long certReqId, final CSR csr, final String hmacSecret) throws GeneralSecurityException {
    // read the pem csr and verify the signature
    PKCS10CertificationRequest p10Req;
    try {
        p10Req = cryptoUtil.parseCertificateRequest(csr.getCsrBase64()).getP10Req();
    } catch (IOException e) {
        LOGGER.error("parsing csr", e);
        throw new GeneralSecurityException(e.getMessage());
    }
    List<RDN> rdnList = new ArrayList<>();
    for (de.trustable.ca3s.core.domain.RDN rdnDao : csr.getRdns()) {
        LOGGER.debug("rdnDao : " + rdnDao.getRdnAttributes());
        List<AttributeTypeAndValue> attrTVList = new ArrayList<AttributeTypeAndValue>();
        if (rdnDao != null && rdnDao.getRdnAttributes() != null) {
            for (RDNAttribute rdnAttr : rdnDao.getRdnAttributes()) {
                ASN1ObjectIdentifier aoi = new ASN1ObjectIdentifier(rdnAttr.getAttributeType());
                ASN1Encodable ae = new DERUTF8String(rdnAttr.getAttributeValue());
                AttributeTypeAndValue attrTV = new AttributeTypeAndValue(aoi, ae);
                attrTVList.add(attrTV);
            }
        }
        RDN rdn = new RDN(attrTVList.toArray(new AttributeTypeAndValue[attrTVList.size()]));
        LOGGER.debug("rdn : " + rdn.size() + " elements");
        rdnList.add(rdn);
    }
    X500Name subjectDN = new X500Name(rdnList.toArray(new RDN[rdnList.size()]));
    LOGGER.debug("subjectDN : " + subjectDN);
    Collection<Extension> certExtList = new ArrayList<>();
    // copy CSR attributes to Extension list
    for (Attribute attribute : p10Req.getAttributes()) {
        for (ASN1Encodable asn1Encodable : attribute.getAttributeValues()) {
            if (asn1Encodable != null) {
                try {
                    Extensions extensions = Extensions.getInstance(asn1Encodable);
                    for (ASN1ObjectIdentifier oid : extensions.getExtensionOIDs()) {
                        LOGGER.debug("copying oid '" + oid.toString() + "' from csr to PKIMessage");
                        certExtList.add(extensions.getExtension(oid));
                    }
                } catch (IllegalArgumentException iae) {
                    LOGGER.debug("processing asn1 value  '" + asn1Encodable + "' caused exception", iae);
                }
            }
        }
    }
    final SubjectPublicKeyInfo keyInfo = p10Req.getSubjectPublicKeyInfo();
    return cryptoUtil.buildCertRequest(certReqId, subjectDN, certExtList, keyInfo, hmacSecret);
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) RDNAttribute(de.trustable.ca3s.core.domain.RDNAttribute) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) RDNAttribute(de.trustable.ca3s.core.domain.RDNAttribute) CsrAttribute(de.trustable.ca3s.core.domain.CsrAttribute) Attribute(org.bouncycastle.asn1.pkcs.Attribute) GeneralSecurityException(java.security.GeneralSecurityException) ArrayList(java.util.ArrayList) IOException(java.io.IOException) X500Name(org.bouncycastle.asn1.x500.X500Name) Extensions(org.bouncycastle.asn1.x509.Extensions) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue) Extension(org.bouncycastle.asn1.x509.Extension) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) RDN(org.bouncycastle.asn1.x500.RDN) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 3 with DERUTF8String

use of com.github.zhenwei.core.asn1.DERUTF8String in project openicf by Evolveum.

the class BouncyCastlePEUtilities method getPassword.

public String getPassword(byte[] envelope) {
    ASN1InputStream aIn = null;
    try {
        aIn = new ASN1InputStream(envelope);
        Object o = null;
        DEROctetString oString = null;
        while ((o = aIn.readObject()) != null) {
            if (o instanceof DERSequence) {
                // identifier (1.2.840.113549.1.7.1)
                DERSequence seq = (DERSequence) o;
                if (seq.size() >= 2 && seq.getObjectAt(0) instanceof DERObjectIdentifier && "1.2.840.113549.1.7.1".equals(((DERObjectIdentifier) seq.getObjectAt(0)).getId())) {
                    if (seq.getObjectAt(1) instanceof DERTaggedObject && ((DERTaggedObject) seq.getObjectAt(1)).getObject() instanceof DEROctetString) {
                        oString = (DEROctetString) ((DERTaggedObject) seq.getObjectAt(1)).getObject();
                        break;
                    }
                }
            }
        }
        aIn.close();
        aIn = null;
        String pw = null;
        if (oString != null) {
            aIn = new ASN1InputStream(oString.getOctets());
            DERSequence seq = (DERSequence) aIn.readObject();
            if (seq.getObjectAt(2) instanceof DERUTF8String) {
                pw = ((DERUTF8String) seq.getObjectAt(2)).getString();
            }
            aIn.close();
            aIn = null;
        }
        return pw;
    } catch (IOException e) {
        try {
            if (aIn != null)
                aIn.close();
        } catch (IOException e2) {
        }
        throw ConnectorException.wrap(e);
    }
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERSequence(org.bouncycastle.asn1.DERSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DEROctetString(org.bouncycastle.asn1.DEROctetString) IOException(java.io.IOException) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Example 4 with DERUTF8String

use of com.github.zhenwei.core.asn1.DERUTF8String in project attestation by TokenScript.

the class LisconTicket method makeTicket.

@Override
ASN1Sequence makeTicket() {
    ASN1EncodableVector ticket = new ASN1EncodableVector();
    ticket.add(new DERUTF8String(getDevconId()));
    ticket.add(new ASN1Integer(getTicketId()));
    ticket.add(new ASN1Integer(getTicketClass()));
    return new DERSequence(ticket);
}
Also used : DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ASN1Integer(org.bouncycastle.asn1.ASN1Integer)

Example 5 with DERUTF8String

use of com.github.zhenwei.core.asn1.DERUTF8String in project attestation by TokenScript.

the class Ticket method makeTicket.

ASN1Sequence makeTicket() {
    ASN1EncodableVector ticket = new ASN1EncodableVector();
    ticket.add(new DERUTF8String(devconId));
    ticket.add(new ASN1Integer(ticketId));
    ticket.add(new ASN1Integer(ticketClass));
    ticket.add(new DEROctetString(commitment));
    return new DERSequence(ticket);
}
Also used : DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Aggregations

DERUTF8String (org.bouncycastle.asn1.DERUTF8String)52 DERSequence (org.bouncycastle.asn1.DERSequence)28 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)20 DEROctetString (org.bouncycastle.asn1.DEROctetString)19 IOException (java.io.IOException)17 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)17 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)17 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)15 DERIA5String (org.bouncycastle.asn1.DERIA5String)15 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)12 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)11 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)11 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)10 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)10 DLSequence (org.bouncycastle.asn1.DLSequence)9 X500Name (org.bouncycastle.asn1.x500.X500Name)8 X509Certificate (java.security.cert.X509Certificate)7 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)7 Pair (android.util.Pair)5 Date (java.util.Date)5