Search in sources :

Example 1 with X509AttributeCertificateHolder

use of com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder in project LinLong-Java by zhenwei1108.

the class MiscPEMGenerator method createPemObject.

private PemObject createPemObject(Object o) throws IOException {
    String type;
    byte[] encoding;
    if (o instanceof PemObject) {
        return (PemObject) o;
    }
    if (o instanceof PemObjectGenerator) {
        return ((PemObjectGenerator) o).generate();
    }
    if (o instanceof X509CertificateHolder) {
        type = "CERTIFICATE";
        encoding = ((X509CertificateHolder) o).getEncoded();
    } else if (o instanceof X509CRLHolder) {
        type = "X509 CRL";
        encoding = ((X509CRLHolder) o).getEncoded();
    } else if (o instanceof X509TrustedCertificateBlock) {
        type = "TRUSTED CERTIFICATE";
        encoding = ((X509TrustedCertificateBlock) o).getEncoded();
    } else if (o instanceof PrivateKeyInfo) {
        PrivateKeyInfo info = (PrivateKeyInfo) o;
        ASN1ObjectIdentifier algOID = info.getPrivateKeyAlgorithm().getAlgorithm();
        if (algOID.equals(PKCSObjectIdentifiers.rsaEncryption)) {
            type = "RSA PRIVATE KEY";
            encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
        } else if (algOID.equals(dsaOids[0]) || algOID.equals(dsaOids[1])) {
            type = "DSA PRIVATE KEY";
            DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new ASN1Integer(0));
            v.add(new ASN1Integer(p.getP()));
            v.add(new ASN1Integer(p.getQ()));
            v.add(new ASN1Integer(p.getG()));
            BigInteger x = ASN1Integer.getInstance(info.parsePrivateKey()).getValue();
            BigInteger y = p.getG().modPow(x, p.getP());
            v.add(new ASN1Integer(y));
            v.add(new ASN1Integer(x));
            encoding = new DERSequence(v).getEncoded();
        } else if (algOID.equals(X9ObjectIdentifiers.id_ecPublicKey)) {
            type = "EC PRIVATE KEY";
            encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
        } else {
            type = "PRIVATE KEY";
            encoding = info.getEncoded();
        }
    } else if (o instanceof SubjectPublicKeyInfo) {
        type = "PUBLIC KEY";
        encoding = ((SubjectPublicKeyInfo) o).getEncoded();
    } else if (o instanceof X509AttributeCertificateHolder) {
        type = "ATTRIBUTE CERTIFICATE";
        encoding = ((X509AttributeCertificateHolder) o).getEncoded();
    } else if (o instanceof com.github.zhenwei.pkix.pkcs.PKCS10CertificationRequest) {
        type = "CERTIFICATE REQUEST";
        encoding = ((PKCS10CertificationRequest) o).getEncoded();
    } else if (o instanceof PKCS8EncryptedPrivateKeyInfo) {
        type = "ENCRYPTED PRIVATE KEY";
        encoding = ((PKCS8EncryptedPrivateKeyInfo) o).getEncoded();
    } else if (o instanceof ContentInfo) {
        type = "PKCS7";
        encoding = ((ContentInfo) o).getEncoded();
    } else {
        throw new PemGenerationException("unknown object passed - can't encode.");
    }
    if (encryptor != null) {
        String dekAlgName = Strings.toUpperCase(encryptor.getAlgorithm());
        // Note: For backward compatibility
        if (dekAlgName.equals("DESEDE")) {
            dekAlgName = "DES-EDE3-CBC";
        }
        byte[] iv = encryptor.getIV();
        byte[] encData = encryptor.encrypt(encoding);
        List headers = new ArrayList(2);
        headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
        headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv)));
        return new PemObject(type, headers, encData);
    }
    return new PemObject(type, encoding);
}
Also used : ArrayList(java.util.ArrayList) SubjectPublicKeyInfo(com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo) PemObjectGenerator(com.github.zhenwei.core.util.io.pem.PemObjectGenerator) DERSequence(com.github.zhenwei.core.asn1.DERSequence) ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) ArrayList(java.util.ArrayList) List(java.util.List) DSAParameter(com.github.zhenwei.core.asn1.x509.DSAParameter) PKCS10CertificationRequest(com.github.zhenwei.pkix.pkcs.PKCS10CertificationRequest) PemGenerationException(com.github.zhenwei.core.util.io.pem.PemGenerationException) X509AttributeCertificateHolder(com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder) ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer) PKCS8EncryptedPrivateKeyInfo(com.github.zhenwei.pkix.pkcs.PKCS8EncryptedPrivateKeyInfo) PemObject(com.github.zhenwei.core.util.io.pem.PemObject) X509CertificateHolder(com.github.zhenwei.pkix.cert.X509CertificateHolder) X509CRLHolder(com.github.zhenwei.pkix.cert.X509CRLHolder) BigInteger(java.math.BigInteger) PKCS8EncryptedPrivateKeyInfo(com.github.zhenwei.pkix.pkcs.PKCS8EncryptedPrivateKeyInfo) PrivateKeyInfo(com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) PemHeader(com.github.zhenwei.core.util.io.pem.PemHeader)

Example 2 with X509AttributeCertificateHolder

use of com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder in project LinLong-Java by zhenwei1108.

the class CMSUtils method getAttributeCertificatesFromStore.

static List getAttributeCertificatesFromStore(Store attrStore) throws CMSException {
    List certs = new ArrayList();
    try {
        for (Iterator it = attrStore.getMatches(null).iterator(); it.hasNext(); ) {
            X509AttributeCertificateHolder attrCert = (X509AttributeCertificateHolder) it.next();
            certs.add(new DERTaggedObject(false, 2, attrCert.toASN1Structure()));
        }
        return certs;
    } catch (ClassCastException e) {
        throw new CMSException("error processing certs", e);
    }
}
Also used : DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) ArrayList(java.util.ArrayList) List(java.util.List) X509AttributeCertificateHolder(com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder)

Example 3 with X509AttributeCertificateHolder

use of com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder in project LinLong-Java by zhenwei1108.

the class X509AttributeCertificateHolderSelector method match.

/**
 * Decides if the given attribute certificate should be selected.
 *
 * @param obj The X509AttributeCertificateHolder which should be checked.
 * @return <code>true</code> if the attribute certificate is a match
 * <code>false</code> otherwise.
 */
public boolean match(Object obj) {
    if (!(obj instanceof X509AttributeCertificateHolder)) {
        return false;
    }
    X509AttributeCertificateHolder attrCert = (X509AttributeCertificateHolder) obj;
    if (this.attributeCert != null) {
        if (!this.attributeCert.equals(attrCert)) {
            return false;
        }
    }
    if (serialNumber != null) {
        if (!attrCert.getSerialNumber().equals(serialNumber)) {
            return false;
        }
    }
    if (holder != null) {
        if (!attrCert.getHolder().equals(holder)) {
            return false;
        }
    }
    if (issuer != null) {
        if (!attrCert.getIssuer().equals(issuer)) {
            return false;
        }
    }
    if (attributeCertificateValid != null) {
        if (!attrCert.isValidOn(attributeCertificateValid)) {
            return false;
        }
    }
    if (!targetNames.isEmpty() || !targetGroups.isEmpty()) {
        Extension targetInfoExt = attrCert.getExtension(Extension.targetInformation);
        if (targetInfoExt != null) {
            TargetInformation targetinfo;
            try {
                targetinfo = TargetInformation.getInstance(targetInfoExt.getParsedValue());
            } catch (IllegalArgumentException e) {
                return false;
            }
            Targets[] targetss = targetinfo.getTargetsObjects();
            if (!targetNames.isEmpty()) {
                boolean found = false;
                for (int i = 0; i < targetss.length; i++) {
                    Targets t = targetss[i];
                    Target[] targets = t.getTargets();
                    for (int j = 0; j < targets.length; j++) {
                        if (targetNames.contains(GeneralName.getInstance(targets[j].getTargetName()))) {
                            found = true;
                            break;
                        }
                    }
                }
                if (!found) {
                    return false;
                }
            }
            if (!targetGroups.isEmpty()) {
                boolean found = false;
                for (int i = 0; i < targetss.length; i++) {
                    Targets t = targetss[i];
                    Target[] targets = t.getTargets();
                    for (int j = 0; j < targets.length; j++) {
                        if (targetGroups.contains(GeneralName.getInstance(targets[j].getTargetGroup()))) {
                            found = true;
                            break;
                        }
                    }
                }
                if (!found) {
                    return false;
                }
            }
        }
    }
    return true;
}
Also used : Extension(com.github.zhenwei.core.asn1.x509.Extension) Target(com.github.zhenwei.core.asn1.x509.Target) TargetInformation(com.github.zhenwei.core.asn1.x509.TargetInformation) X509AttributeCertificateHolder(com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder) Targets(com.github.zhenwei.core.asn1.x509.Targets)

Aggregations

X509AttributeCertificateHolder (com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder)3 ArrayList (java.util.ArrayList)2 List (java.util.List)2 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)1 ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)1 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)1 DERSequence (com.github.zhenwei.core.asn1.DERSequence)1 DERTaggedObject (com.github.zhenwei.core.asn1.DERTaggedObject)1 PrivateKeyInfo (com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)1 DSAParameter (com.github.zhenwei.core.asn1.x509.DSAParameter)1 Extension (com.github.zhenwei.core.asn1.x509.Extension)1 SubjectPublicKeyInfo (com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)1 Target (com.github.zhenwei.core.asn1.x509.Target)1 TargetInformation (com.github.zhenwei.core.asn1.x509.TargetInformation)1 Targets (com.github.zhenwei.core.asn1.x509.Targets)1 PemGenerationException (com.github.zhenwei.core.util.io.pem.PemGenerationException)1 PemHeader (com.github.zhenwei.core.util.io.pem.PemHeader)1 PemObject (com.github.zhenwei.core.util.io.pem.PemObject)1 PemObjectGenerator (com.github.zhenwei.core.util.io.pem.PemObjectGenerator)1 X509CRLHolder (com.github.zhenwei.pkix.cert.X509CRLHolder)1