Example 21 with Request
use of com.github.zhenwei.core.asn1.ocsp.Request in project LinLong-Java by zhenwei1108.
the class PKCS10CertificationRequestBuilder method build.
/**
* Generate an PKCS#10 request based on the past in signer.
*
* @param signer the content signer to be used to generate the signature validating the
* certificate.
* @return a holder containing the resulting PKCS#10 certification request.
*/
public PKCS10CertificationRequest build(ContentSigner signer) {
CertificationRequestInfo info;
if (attributes.isEmpty()) {
if (leaveOffEmpty) {
info = new CertificationRequestInfo(subject, publicKeyInfo, null);
} else {
info = new CertificationRequestInfo(subject, publicKeyInfo, new DERSet());
}
} else {
ASN1EncodableVector v = new ASN1EncodableVector();
for (Iterator it = attributes.iterator(); it.hasNext(); ) {
v.add(Attribute.getInstance(it.next()));
}
info = new CertificationRequestInfo(subject, publicKeyInfo, new DERSet(v));
}
try {
OutputStream sOut = signer.getOutputStream();
sOut.write(info.getEncoded(ASN1Encoding.DER));
sOut.close();
return new PKCS10CertificationRequest(new CertificationRequest(info, signer.getAlgorithmIdentifier(), new DERBitString(signer.getSignature())));
} catch (IOException e) {
throw new IllegalStateException("cannot produce certification request signature");
}
}
Also used :
CertificationRequestInfo(com.github.zhenwei.core.asn1.pkcs.CertificationRequestInfo)
OutputStream(java.io.OutputStream)
Iterator(java.util.Iterator)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
DERBitString(com.github.zhenwei.core.asn1.DERBitString)
IOException(java.io.IOException)
DERSet(com.github.zhenwei.core.asn1.DERSet)
CertificationRequest(com.github.zhenwei.core.asn1.pkcs.CertificationRequest)
Example 22 with Request
use of com.github.zhenwei.core.asn1.ocsp.Request in project LinLong-Java by zhenwei1108.
the class TimeStampTokenGenerator method generate.
/**
* Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed
* in genTime.
*
* @param request the originating request.
* @param serialNumber serial number for the TimeStampToken
* @param genTime token generation time.
* @param additionalExtensions extra extensions to be added to the response token.
* @return a TimeStampToken
* @throws TSPException
*/
public TimeStampToken generate(TimeStampRequest request, BigInteger serialNumber, Date genTime, Extensions additionalExtensions) throws TSPException {
AlgorithmIdentifier algID = request.getMessageImprintAlgID();
MessageImprint messageImprint = new MessageImprint(algID, request.getMessageImprintDigest());
Accuracy accuracy = null;
if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0) {
ASN1Integer seconds = null;
if (accuracySeconds > 0) {
seconds = new ASN1Integer(accuracySeconds);
}
ASN1Integer millis = null;
if (accuracyMillis > 0) {
millis = new ASN1Integer(accuracyMillis);
}
ASN1Integer micros = null;
if (accuracyMicros > 0) {
micros = new ASN1Integer(accuracyMicros);
}
accuracy = new Accuracy(seconds, millis, micros);
}
ASN1Boolean derOrdering = null;
if (ordering) {
derOrdering = ASN1Boolean.getInstance(ordering);
}
ASN1Integer nonce = null;
if (request.getNonce() != null) {
nonce = new ASN1Integer(request.getNonce());
}
ASN1ObjectIdentifier tsaPolicy = tsaPolicyOID;
if (request.getReqPolicy() != null) {
tsaPolicy = request.getReqPolicy();
}
Extensions respExtensions = request.getExtensions();
if (additionalExtensions != null) {
ExtensionsGenerator extGen = new ExtensionsGenerator();
if (respExtensions != null) {
for (Enumeration en = respExtensions.oids(); en.hasMoreElements(); ) {
extGen.addExtension(respExtensions.getExtension(ASN1ObjectIdentifier.getInstance(en.nextElement())));
}
}
for (Enumeration en = additionalExtensions.oids(); en.hasMoreElements(); ) {
extGen.addExtension(additionalExtensions.getExtension(ASN1ObjectIdentifier.getInstance(en.nextElement())));
}
respExtensions = extGen.generate();
}
ASN1GeneralizedTime timeStampTime;
if (resolution == R_SECONDS) {
timeStampTime = (locale == null) ? new ASN1GeneralizedTime(genTime) : new ASN1GeneralizedTime(genTime, locale);
} else {
timeStampTime = createGeneralizedTime(genTime);
}
TSTInfo tstInfo = new TSTInfo(tsaPolicy, messageImprint, new ASN1Integer(serialNumber), timeStampTime, accuracy, derOrdering, nonce, tsa, respExtensions);
try {
CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();
if (request.getCertReq()) {
// TODO: do we need to check certs non-empty?
signedDataGenerator.addCertificates(new CollectionStore(certs));
signedDataGenerator.addAttributeCertificates(new CollectionStore(attrCerts));
}
signedDataGenerator.addCRLs(new CollectionStore(crls));
if (!otherRevoc.isEmpty()) {
for (Iterator it = otherRevoc.keySet().iterator(); it.hasNext(); ) {
ASN1ObjectIdentifier format = (ASN1ObjectIdentifier) it.next();
signedDataGenerator.addOtherRevocationInfo(format, new CollectionStore((Collection) otherRevoc.get(format)));
}
}
signedDataGenerator.addSignerInfoGenerator(signerInfoGen);
byte[] derEncodedTSTInfo = tstInfo.getEncoded(ASN1Encoding.DER);
CMSSignedData signedData = signedDataGenerator.generate(new CMSProcessableByteArray(PKCSObjectIdentifiers.id_ct_TSTInfo, derEncodedTSTInfo), true);
return new TimeStampToken(signedData);
} catch (CMSException cmsEx) {
throw new TSPException("Error generating time-stamp token", cmsEx);
} catch (IOException e) {
throw new TSPException("Exception encoding info", e);
}
}
Also used :
CMSSignedDataGenerator(com.github.zhenwei.pkix.cms.CMSSignedDataGenerator)
CMSProcessableByteArray(com.github.zhenwei.pkix.cms.CMSProcessableByteArray)
Enumeration(java.util.Enumeration)
MessageImprint(com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint)
ASN1GeneralizedTime(com.github.zhenwei.core.asn1.ASN1GeneralizedTime)
ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer)
IOException(java.io.IOException)
Extensions(com.github.zhenwei.core.asn1.x509.Extensions)
CMSSignedData(com.github.zhenwei.pkix.cms.CMSSignedData)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
ExtensionsGenerator(com.github.zhenwei.core.asn1.x509.ExtensionsGenerator)
Accuracy(com.github.zhenwei.pkix.util.asn1.tsp.Accuracy)
TSTInfo(com.github.zhenwei.pkix.util.asn1.tsp.TSTInfo)
Iterator(java.util.Iterator)
Collection(java.util.Collection)
ASN1Boolean(com.github.zhenwei.core.asn1.ASN1Boolean)
CollectionStore(com.github.zhenwei.core.util.CollectionStore)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
CMSException(com.github.zhenwei.pkix.cms.CMSException)
Example 23 with Request
use of com.github.zhenwei.core.asn1.ocsp.Request in project LinLong-Java by zhenwei1108.
the class EncryptedPOP method toASN1Primitive.
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector(5);
v.add(request);
v.add(cms);
v.add(thePOPAlgID);
v.add(witnessAlgID);
v.add(new DEROctetString(witness));
return new DERSequence(v);
}
Also used :
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
Example 24 with Request
use of com.github.zhenwei.core.asn1.ocsp.Request in project LinLong-Java by zhenwei1108.
the class CertResponse method toASN1Primitive.
/**
* <pre>
* CertResponse ::= SEQUENCE {
* certReqId INTEGER,
* -- to match this response with corresponding request (a value
* -- of -1 is to be used if certReqId is not specified in the
* -- corresponding request)
* status PKIStatusInfo,
* certifiedKeyPair CertifiedKeyPair OPTIONAL,
* rspInfo OCTET STRING OPTIONAL
* -- analogous to the id-regInfo-utf8Pairs string defined
* -- for regInfo in CertReqMsg [CRMF]
* }
* </pre>
*
* @return a basic ASN.1 object representation.
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector(4);
v.add(certReqId);
v.add(status);
if (certifiedKeyPair != null) {
v.add(certifiedKeyPair);
}
if (rspInfo != null) {
v.add(rspInfo);
}
return new DERSequence(v);
}
Also used :
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
Example 25 with Request
use of com.github.zhenwei.core.asn1.ocsp.Request in project LinLong-Java by zhenwei1108.
the class CertificateBody method requestToASN1Object.
/**
* create a request type Iso7816CertificateBody.
*
* @return return the "request" type certificate body.
* @throws IOException if the ASN1ApplicationSpecific cannot be created.
*/
private ASN1Primitive requestToASN1Object() throws IOException {
ASN1EncodableVector v = new ASN1EncodableVector(3);
v.add(certificateProfileIdentifier);
v.add(new DERApplicationSpecific(false, EACTags.CARDHOLDER_PUBLIC_KEY_TEMPLATE, publicKey));
v.add(certificateHolderReference);
return new DERApplicationSpecific(EACTags.CERTIFICATE_CONTENT_TEMPLATE, v);
}
Also used :
DERApplicationSpecific(com.github.zhenwei.core.asn1.DERApplicationSpecific)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
Aggregations
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)18
DERSequence (com.github.zhenwei.core.asn1.DERSequence)15
IOException (java.io.IOException)14
OutputStream (java.io.OutputStream)6
ArrayList (java.util.ArrayList)6
Iterator (java.util.Iterator)5
ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)4
ASN1Sequence (com.github.zhenwei.core.asn1.ASN1Sequence)4
DERBitString (com.github.zhenwei.core.asn1.DERBitString)4
DERTaggedObject (com.github.zhenwei.core.asn1.DERTaggedObject)4
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)4
OCSPRequest (org.bouncycastle.asn1.ocsp.OCSPRequest)4
Request (org.bouncycastle.asn1.ocsp.Request)4
ASN1GeneralizedTime (com.github.zhenwei.core.asn1.ASN1GeneralizedTime)3
ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)3
ByteArrayOutputStream (java.io.ByteArrayOutputStream)3
URL (java.net.URL)3
BasicOCSPResponse (com.github.zhenwei.core.asn1.ocsp.BasicOCSPResponse)2
OCSPRequest (com.github.zhenwei.core.asn1.ocsp.OCSPRequest)2
ResponseData (com.github.zhenwei.core.asn1.ocsp.ResponseData)2
