use of com.github.zhenwei.core.asn1.x509.TBSCertList in project LinLong-Java by zhenwei1108.
the class CertUtils method generateCRLStructure.
private static CertificateList generateCRLStructure(TBSCertList tbsCertList, AlgorithmIdentifier sigAlgId, byte[] signature) {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(tbsCertList);
v.add(sigAlgId);
v.add(new DERBitString(signature));
return CertificateList.getInstance(new DERSequence(v));
}
use of com.github.zhenwei.core.asn1.x509.TBSCertList in project LinLong-Java by zhenwei1108.
the class X509CRLImpl method doVerify.
private void doVerify(PublicKey key, SignatureCreator sigCreator) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException {
if (!c.getSignatureAlgorithm().equals(c.getTBSCertList().getSignature())) {
throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList.");
}
if (key instanceof CompositePublicKey && X509SignatureUtil.isCompositeAlgorithm(c.getSignatureAlgorithm())) {
List<PublicKey> pubKeys = ((CompositePublicKey) key).getPublicKeys();
ASN1Sequence keySeq = ASN1Sequence.getInstance(c.getSignatureAlgorithm().getParameters());
ASN1Sequence sigSeq = ASN1Sequence.getInstance(DERBitString.getInstance(c.getSignature()).getBytes());
boolean success = false;
for (int i = 0; i != pubKeys.size(); i++) {
if (pubKeys.get(i) == null) {
continue;
}
AlgorithmIdentifier sigAlg = AlgorithmIdentifier.getInstance(keySeq.getObjectAt(i));
String sigName = X509SignatureUtil.getSignatureName(sigAlg);
Signature signature = sigCreator.createSignature(sigName);
SignatureException sigExc = null;
try {
checkSignature((PublicKey) pubKeys.get(i), signature, sigAlg.getParameters(), DERBitString.getInstance(sigSeq.getObjectAt(i)).getBytes());
success = true;
} catch (SignatureException e) {
sigExc = e;
}
if (sigExc != null) {
throw sigExc;
}
}
if (!success) {
throw new InvalidKeyException("no matching key found");
}
} else if (X509SignatureUtil.isCompositeAlgorithm(c.getSignatureAlgorithm())) {
ASN1Sequence keySeq = ASN1Sequence.getInstance(c.getSignatureAlgorithm().getParameters());
ASN1Sequence sigSeq = ASN1Sequence.getInstance(DERBitString.getInstance(c.getSignature()).getBytes());
boolean success = false;
for (int i = 0; i != sigSeq.size(); i++) {
AlgorithmIdentifier sigAlg = AlgorithmIdentifier.getInstance(keySeq.getObjectAt(i));
String sigName = X509SignatureUtil.getSignatureName(sigAlg);
SignatureException sigExc = null;
try {
Signature signature = sigCreator.createSignature(sigName);
checkSignature(key, signature, sigAlg.getParameters(), DERBitString.getInstance(sigSeq.getObjectAt(i)).getBytes());
success = true;
} catch (InvalidKeyException e) {
// ignore
} catch (NoSuchAlgorithmException e) {
// ignore
} catch (SignatureException e) {
sigExc = e;
}
if (sigExc != null) {
throw sigExc;
}
}
if (!success) {
throw new InvalidKeyException("no matching key found");
}
} else {
Signature sig = sigCreator.createSignature(getSigAlgName());
if (sigAlgParams == null) {
checkSignature(key, sig, null, this.getSignature());
} else {
try {
checkSignature(key, sig, ASN1Primitive.fromByteArray(sigAlgParams), this.getSignature());
} catch (IOException e) {
throw new SignatureException("cannot decode signature parameters: " + e.getMessage());
}
}
}
}
use of com.github.zhenwei.core.asn1.x509.TBSCertList in project LinLong-Java by zhenwei1108.
the class V2TBSCertListGenerator method generateTBSCertList.
public TBSCertList generateTBSCertList() {
if ((signature == null) || (issuer == null) || (thisUpdate == null)) {
throw new IllegalStateException("Not all mandatory fields set in V2 TBSCertList generator.");
}
ASN1EncodableVector v = new ASN1EncodableVector(7);
v.add(version);
v.add(signature);
v.add(issuer);
v.add(thisUpdate);
if (nextUpdate != null) {
v.add(nextUpdate);
}
// Add CRLEntries if they exist
if (crlentries.size() != 0) {
v.add(new DERSequence(crlentries));
}
if (extensions != null) {
v.add(new DERTaggedObject(0, extensions));
}
return new TBSCertList(new DERSequence(v));
}
use of com.github.zhenwei.core.asn1.x509.TBSCertList in project LinLong-Java by zhenwei1108.
the class CertificateList method toASN1Primitive.
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector(3);
v.add(tbsCertList);
v.add(sigAlgId);
v.add(sig);
return new DERSequence(v);
}
Aggregations