Search in sources :

Example 1 with AttributeCertificateInfo

use of com.github.zhenwei.core.asn1.x509.AttributeCertificateInfo in project robovm by robovm.

the class X509AttributeCertificateHolder method isSignatureValid.

/**
     * Validate the signature on the attribute certificate in this holder.
     *
     * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature.
     * @return true if the signature is valid, false otherwise.
     * @throws CertException if the signature cannot be processed or is inappropriate.
     */
public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException {
    AttributeCertificateInfo acinfo = attrCert.getAcinfo();
    if (!CertUtils.isAlgIdEqual(acinfo.getSignature(), attrCert.getSignatureAlgorithm())) {
        throw new CertException("signature invalid - algorithm identifier mismatch");
    }
    ContentVerifier verifier;
    try {
        verifier = verifierProvider.get((acinfo.getSignature()));
        OutputStream sOut = verifier.getOutputStream();
        DEROutputStream dOut = new DEROutputStream(sOut);
        dOut.writeObject(acinfo);
        sOut.close();
    } catch (Exception e) {
        throw new CertException("unable to process signature: " + e.getMessage(), e);
    }
    return verifier.verify(attrCert.getSignatureValue().getBytes());
}
Also used : AttributeCertificateInfo(org.bouncycastle.asn1.x509.AttributeCertificateInfo) ContentVerifier(org.bouncycastle.operator.ContentVerifier) OutputStream(java.io.OutputStream) DEROutputStream(org.bouncycastle.asn1.DEROutputStream) IOException(java.io.IOException) DEROutputStream(org.bouncycastle.asn1.DEROutputStream)

Example 2 with AttributeCertificateInfo

use of com.github.zhenwei.core.asn1.x509.AttributeCertificateInfo in project jmulticard by ctt-gob-es.

the class X509AttributeCertificateHolder method isSignatureValid.

/**
 * Validate the signature on the attribute certificate in this holder.
 *
 * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature.
 * @return true if the signature is valid, false otherwise.
 * @throws CertException if the signature cannot be processed or is inappropriate.
 */
public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException {
    AttributeCertificateInfo acinfo = attrCert.getAcinfo();
    if (!CertUtils.isAlgIdEqual(acinfo.getSignature(), attrCert.getSignatureAlgorithm())) {
        throw new CertException("signature invalid - algorithm identifier mismatch");
    }
    ContentVerifier verifier;
    try {
        verifier = verifierProvider.get((acinfo.getSignature()));
        OutputStream sOut = verifier.getOutputStream();
        acinfo.encodeTo(sOut, ASN1Encoding.DER);
        sOut.close();
    } catch (Exception e) {
        throw new CertException("unable to process signature: " + e.getMessage(), e);
    }
    return verifier.verify(this.getSignature());
}
Also used : AttributeCertificateInfo(org.bouncycastle.asn1.x509.AttributeCertificateInfo) ContentVerifier(org.bouncycastle.operator.ContentVerifier) OutputStream(java.io.OutputStream) ObjectOutputStream(java.io.ObjectOutputStream) IOException(java.io.IOException)

Example 3 with AttributeCertificateInfo

use of com.github.zhenwei.core.asn1.x509.AttributeCertificateInfo in project LinLong-Java by zhenwei1108.

the class AttributeCertificate method toASN1Primitive.

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  AttributeCertificate ::= SEQUENCE {
 *       acinfo               AttributeCertificateInfo,
 *       signatureAlgorithm   AlgorithmIdentifier,
 *       signatureValue       BIT STRING
 *  }
 * </pre>
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector(3);
    v.add(acinfo);
    v.add(signatureAlgorithm);
    v.add(signatureValue);
    return new DERSequence(v);
}
Also used : DERSequence(com.github.zhenwei.core.asn1.DERSequence) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)

Example 4 with AttributeCertificateInfo

use of com.github.zhenwei.core.asn1.x509.AttributeCertificateInfo in project LinLong-Java by zhenwei1108.

the class AttributeCertificateInfo method toASN1Primitive.

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  AttributeCertificateInfo ::= SEQUENCE {
 *       version              AttCertVersion -- version is v2,
 *       holder               Holder,
 *       issuer               AttCertIssuer,
 *       signature            AlgorithmIdentifier,
 *       serialNumber         CertificateSerialNumber,
 *       attrCertValidityPeriod   AttCertValidityPeriod,
 *       attributes           SEQUENCE OF Attribute,
 *       issuerUniqueID       UniqueIdentifier OPTIONAL,
 *       extensions           Extensions OPTIONAL
 *  }
 *
 *  AttCertVersion ::= INTEGER { v2(1) }
 * </pre>
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector(9);
    if (!version.hasValue(0)) {
        v.add(version);
    }
    v.add(holder);
    v.add(issuer);
    v.add(signature);
    v.add(serialNumber);
    v.add(attrCertValidityPeriod);
    v.add(attributes);
    if (issuerUniqueID != null) {
        v.add(issuerUniqueID);
    }
    if (extensions != null) {
        v.add(extensions);
    }
    return new DERSequence(v);
}
Also used : DERSequence(com.github.zhenwei.core.asn1.DERSequence) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)

Example 5 with AttributeCertificateInfo

use of com.github.zhenwei.core.asn1.x509.AttributeCertificateInfo in project LinLong-Java by zhenwei1108.

the class X509AttributeCertificateHolder method isSignatureValid.

/**
 * Validate the signature on the attribute certificate in this holder.
 *
 * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the
 *                         signature.
 * @return true if the signature is valid, false otherwise.
 * @throws CertException if the signature cannot be processed or is inappropriate.
 */
public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException {
    AttributeCertificateInfo acinfo = attrCert.getAcinfo();
    if (!CertUtils.isAlgIdEqual(acinfo.getSignature(), attrCert.getSignatureAlgorithm())) {
        throw new CertException("signature invalid - algorithm identifier mismatch");
    }
    ContentVerifier verifier;
    try {
        verifier = verifierProvider.get((acinfo.getSignature()));
        OutputStream sOut = verifier.getOutputStream();
        acinfo.encodeTo(sOut, ASN1Encoding.DER);
        sOut.close();
    } catch (Exception e) {
        throw new CertException("unable to process signature: " + e.getMessage(), e);
    }
    return verifier.verify(this.getSignature());
}
Also used : AttributeCertificateInfo(com.github.zhenwei.core.asn1.x509.AttributeCertificateInfo) ContentVerifier(com.github.zhenwei.pkix.operator.ContentVerifier) OutputStream(java.io.OutputStream) ObjectOutputStream(java.io.ObjectOutputStream) IOException(java.io.IOException)

Aggregations

ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)4 DERSequence (com.github.zhenwei.core.asn1.DERSequence)4 IOException (java.io.IOException)3 OutputStream (java.io.OutputStream)3 ObjectOutputStream (java.io.ObjectOutputStream)2 AttributeCertificateInfo (org.bouncycastle.asn1.x509.AttributeCertificateInfo)2 ContentVerifier (org.bouncycastle.operator.ContentVerifier)2 DERBitString (com.github.zhenwei.core.asn1.DERBitString)1 AttributeCertificateInfo (com.github.zhenwei.core.asn1.x509.AttributeCertificateInfo)1 ContentVerifier (com.github.zhenwei.pkix.operator.ContentVerifier)1 DEROutputStream (org.bouncycastle.asn1.DEROutputStream)1