Example 31 with Attribute
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project LinLong-Java by zhenwei1108.
the class CMSAuthenticatedDataParser method getUnauthAttrs.
/**
* return a table of the unauthenticated attributes indexed by the OID of the attribute.
*
* @throws IOException
*/
public AttributeTable getUnauthAttrs() throws IOException {
if (unauthAttrs == null && unauthAttrNotRead) {
ASN1SetParser set = authData.getUnauthAttrs();
unauthAttrNotRead = false;
if (set != null) {
ASN1EncodableVector v = new ASN1EncodableVector();
ASN1Encodable o;
while ((o = set.readObject()) != null) {
ASN1SequenceParser seq = (ASN1SequenceParser) o;
v.add(seq.toASN1Primitive());
}
unauthAttrs = new AttributeTable(new DERSet(v));
}
}
return unauthAttrs;
}
Also used :
ASN1SequenceParser(com.github.zhenwei.core.asn1.ASN1SequenceParser)
ASN1SetParser(com.github.zhenwei.core.asn1.ASN1SetParser)
AttributeTable(com.github.zhenwei.pkix.util.asn1.cms.AttributeTable)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable)
DERSet(com.github.zhenwei.core.asn1.DERSet)
Example 32 with Attribute
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project LinLong-Java by zhenwei1108.
the class DefaultAuthenticatedAttributeTableGenerator method createStandardAttributeTable.
/**
* Create a standard attribute table from the passed in parameters - this will normally include
* contentType and messageDigest. If the constructor using an AttributeTable was used, entries in
* it for contentType and messageDigest will override the generated ones.
*
* @param parameters source parameters for table generation.
* @return a filled in Hashtable of attributes.
*/
protected Hashtable createStandardAttributeTable(Map parameters) {
Hashtable std = new Hashtable();
for (Enumeration en = table.keys(); en.hasMoreElements(); ) {
Object key = en.nextElement();
std.put(key, table.get(key));
}
if (!std.containsKey(CMSAttributes.contentType)) {
ASN1ObjectIdentifier contentType = ASN1ObjectIdentifier.getInstance(parameters.get(CMSAttributeTableGenerator.CONTENT_TYPE));
Attribute attr = new Attribute(CMSAttributes.contentType, new DERSet(contentType));
std.put(attr.getAttrType(), attr);
}
if (!std.containsKey(CMSAttributes.messageDigest)) {
byte[] messageDigest = (byte[]) parameters.get(CMSAttributeTableGenerator.DIGEST);
Attribute attr = new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(messageDigest)));
std.put(attr.getAttrType(), attr);
}
if (!std.contains(CMSAttributes.cmsAlgorithmProtect)) {
Attribute attr = new Attribute(CMSAttributes.cmsAlgorithmProtect, new DERSet(new CMSAlgorithmProtection((AlgorithmIdentifier) parameters.get(CMSAttributeTableGenerator.DIGEST_ALGORITHM_IDENTIFIER), CMSAlgorithmProtection.MAC, (AlgorithmIdentifier) parameters.get(CMSAttributeTableGenerator.MAC_ALGORITHM_IDENTIFIER))));
std.put(attr.getAttrType(), attr);
}
return std;
}
Also used :
Enumeration(java.util.Enumeration)
CMSAlgorithmProtection(com.github.zhenwei.pkix.util.asn1.cms.CMSAlgorithmProtection)
Attribute(com.github.zhenwei.pkix.util.asn1.cms.Attribute)
Hashtable(java.util.Hashtable)
DERSet(com.github.zhenwei.core.asn1.DERSet)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
Example 33 with Attribute
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project LinLong-Java by zhenwei1108.
the class DefaultSignedAttributeTableGenerator method createStandardAttributeTable.
/**
* Create a standard attribute table from the passed in parameters - this will normally include
* contentType, signingTime, messageDigest, and CMS algorithm protection. If the constructor using
* an AttributeTable was used, entries in it for contentType, signingTime, and messageDigest will
* override the generated ones.
*
* @param parameters source parameters for table generation.
* @return a filled in Hashtable of attributes.
*/
protected Hashtable createStandardAttributeTable(Map parameters) {
Hashtable std = copyHashTable(table);
if (!std.containsKey(CMSAttributes.contentType)) {
ASN1ObjectIdentifier contentType = ASN1ObjectIdentifier.getInstance(parameters.get(CMSAttributeTableGenerator.CONTENT_TYPE));
// contentType will be null if we're trying to generate a counter signature.
if (contentType != null) {
Attribute attr = new Attribute(CMSAttributes.contentType, new DERSet(contentType));
std.put(attr.getAttrType(), attr);
}
}
if (!std.containsKey(CMSAttributes.signingTime)) {
Date signingTime = new Date();
Attribute attr = new Attribute(CMSAttributes.signingTime, new DERSet(new Time(signingTime)));
std.put(attr.getAttrType(), attr);
}
if (!std.containsKey(CMSAttributes.messageDigest)) {
byte[] messageDigest = (byte[]) parameters.get(CMSAttributeTableGenerator.DIGEST);
Attribute attr = new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(messageDigest)));
std.put(attr.getAttrType(), attr);
}
if (!std.contains(CMSAttributes.cmsAlgorithmProtect)) {
Attribute attr = new Attribute(CMSAttributes.cmsAlgorithmProtect, new DERSet(new CMSAlgorithmProtection((AlgorithmIdentifier) parameters.get(CMSAttributeTableGenerator.DIGEST_ALGORITHM_IDENTIFIER), CMSAlgorithmProtection.SIGNATURE, (AlgorithmIdentifier) parameters.get(CMSAttributeTableGenerator.SIGNATURE_ALGORITHM_IDENTIFIER))));
std.put(attr.getAttrType(), attr);
}
return std;
}
Also used :
CMSAlgorithmProtection(com.github.zhenwei.pkix.util.asn1.cms.CMSAlgorithmProtection)
Attribute(com.github.zhenwei.pkix.util.asn1.cms.Attribute)
Hashtable(java.util.Hashtable)
Time(com.github.zhenwei.pkix.util.asn1.cms.Time)
DERSet(com.github.zhenwei.core.asn1.DERSet)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
Date(java.util.Date)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
Example 34 with Attribute
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project LinLong-Java by zhenwei1108.
the class ESTService method getCSRAttributes.
/**
* Fetch he CSR Attributes from the server.
*
* @return A CSRRequestResponse with the attributes.
* @throws ESTException
*/
public CSRRequestResponse getCSRAttributes() throws ESTException {
if (!clientProvider.isTrusted()) {
throw new IllegalStateException("No trust anchors.");
}
ESTResponse resp = null;
CSRAttributesResponse response = null;
Exception finalThrowable = null;
URL url = null;
try {
url = new URL(server + CSRATTRS);
ESTClient client = clientProvider.makeClient();
ESTRequest req = new ESTRequestBuilder("GET", url).withClient(client).build();
resp = client.doRequest(req);
switch(resp.getStatusCode()) {
case 200:
try {
if (resp.getContentLength() != null && resp.getContentLength() > 0) {
ASN1InputStream ain = new ASN1InputStream(resp.getInputStream());
ASN1Sequence seq = ASN1Sequence.getInstance(ain.readObject());
response = new CSRAttributesResponse(CsrAttrs.getInstance(seq));
}
} catch (Throwable ex) {
throw new ESTException("Decoding CACerts: " + url.toString() + " " + ex.getMessage(), ex, resp.getStatusCode(), resp.getInputStream());
}
break;
case 204:
response = null;
break;
case 404:
response = null;
break;
default:
throw new ESTException("CSR Attribute request: " + req.getURL().toString(), null, resp.getStatusCode(), resp.getInputStream());
}
} catch (Throwable t) {
if (t instanceof ESTException) {
throw (ESTException) t;
} else {
throw new ESTException(t.getMessage(), t);
}
} finally {
if (resp != null) {
try {
resp.close();
} catch (Exception ex) {
finalThrowable = ex;
}
}
}
if (finalThrowable != null) {
if (finalThrowable instanceof ESTException) {
throw (ESTException) finalThrowable;
}
throw new ESTException(finalThrowable.getMessage(), finalThrowable, resp.getStatusCode(), null);
}
return new CSRRequestResponse(response, resp.getSource());
}
Also used :
ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream)
IOException(java.io.IOException)
CMCException(com.github.zhenwei.pkix.cmc.CMCException)
URL(java.net.URL)
ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence)
Example 35 with Attribute
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project LinLong-Java by zhenwei1108.
the class RFC3280CertPathUtilities method processCRLB1.
/**
* If the DP includes cRLIssuer, then verify that the issuer field in the complete CRL matches
* cRLIssuer in the DP and that the complete CRL contains an issuing distribution point extension
* with the indirectCRL boolean asserted. Otherwise, verify that the CRL issuer matches the
* certificate issuer.
*
* @param dp The distribution point.
* @param cert The certificate ot attribute certificate.
* @param crl The CRL for <code>cert</code>.
* @throws AnnotatedException if one of the above conditions does not apply or an error occurs.
*/
protected static void processCRLB1(DistributionPoint dp, Object cert, X509CRL crl) throws AnnotatedException {
ASN1Primitive idp = RevocationUtilities.getExtensionValue(crl, Extension.issuingDistributionPoint);
boolean isIndirect = false;
if (idp != null) {
if (IssuingDistributionPoint.getInstance(idp).isIndirectCRL()) {
isIndirect = true;
}
}
byte[] issuerBytes;
issuerBytes = crl.getIssuerX500Principal().getEncoded();
boolean matchIssuer = false;
if (dp.getCRLIssuer() != null) {
GeneralName[] genNames = dp.getCRLIssuer().getNames();
for (int j = 0; j < genNames.length; j++) {
if (genNames[j].getTagNo() == GeneralName.directoryName) {
try {
if (Arrays.areEqual(genNames[j].getName().toASN1Primitive().getEncoded(), issuerBytes)) {
matchIssuer = true;
}
} catch (IOException e) {
throw new AnnotatedException("CRL issuer information from distribution point cannot be decoded.", e);
}
}
}
if (matchIssuer && !isIndirect) {
throw new AnnotatedException("Distribution point contains cRLIssuer field but CRL is not indirect.");
}
if (!matchIssuer) {
throw new AnnotatedException("CRL issuer of CRL does not match CRL issuer of distribution point.");
}
} else {
if (crl.getIssuerX500Principal().equals(((X509Certificate) cert).getIssuerX500Principal())) {
matchIssuer = true;
}
}
if (!matchIssuer) {
throw new AnnotatedException("Cannot find matching CRL issuer for certificate.");
}
}
Also used :
GeneralName(com.github.zhenwei.core.asn1.x509.GeneralName)
IOException(java.io.IOException)
ASN1Primitive(com.github.zhenwei.core.asn1.ASN1Primitive)
DistributionPoint(com.github.zhenwei.core.asn1.x509.DistributionPoint)
IssuingDistributionPoint(com.github.zhenwei.core.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(com.github.zhenwei.core.asn1.x509.CRLDistPoint)
Aggregations
Attribute (org.bouncycastle.asn1.pkcs.Attribute)36
IOException (java.io.IOException)25
Extensions (org.bouncycastle.asn1.x509.Extensions)18
ArrayList (java.util.ArrayList)17
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)15
GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)13
List (java.util.List)12
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)12
GeneralName (org.bouncycastle.asn1.x509.GeneralName)12
ASN1Set (org.bouncycastle.asn1.ASN1Set)10
ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)9
Iterator (java.util.Iterator)9
CRLDistPoint (com.github.zhenwei.core.asn1.x509.CRLDistPoint)8
DistributionPoint (com.github.zhenwei.core.asn1.x509.DistributionPoint)8
AttributeTable (com.github.zhenwei.pkix.util.asn1.cms.AttributeTable)8
Enumeration (java.util.Enumeration)8
X500Name (org.bouncycastle.asn1.x500.X500Name)8
Attribute (com.github.zhenwei.pkix.util.asn1.cms.Attribute)7
GeneralName (com.github.zhenwei.core.asn1.x509.GeneralName)6
GeneralSecurityException (java.security.GeneralSecurityException)6
