use of com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder in project LinLong-Java by zhenwei1108.
the class MiscPEMGenerator method createPemObject.
private PemObject createPemObject(Object o) throws IOException {
String type;
byte[] encoding;
if (o instanceof PemObject) {
return (PemObject) o;
}
if (o instanceof PemObjectGenerator) {
return ((PemObjectGenerator) o).generate();
}
if (o instanceof X509CertificateHolder) {
type = "CERTIFICATE";
encoding = ((X509CertificateHolder) o).getEncoded();
} else if (o instanceof X509CRLHolder) {
type = "X509 CRL";
encoding = ((X509CRLHolder) o).getEncoded();
} else if (o instanceof X509TrustedCertificateBlock) {
type = "TRUSTED CERTIFICATE";
encoding = ((X509TrustedCertificateBlock) o).getEncoded();
} else if (o instanceof PrivateKeyInfo) {
PrivateKeyInfo info = (PrivateKeyInfo) o;
ASN1ObjectIdentifier algOID = info.getPrivateKeyAlgorithm().getAlgorithm();
if (algOID.equals(PKCSObjectIdentifiers.rsaEncryption)) {
type = "RSA PRIVATE KEY";
encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
} else if (algOID.equals(dsaOids[0]) || algOID.equals(dsaOids[1])) {
type = "DSA PRIVATE KEY";
DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new ASN1Integer(0));
v.add(new ASN1Integer(p.getP()));
v.add(new ASN1Integer(p.getQ()));
v.add(new ASN1Integer(p.getG()));
BigInteger x = ASN1Integer.getInstance(info.parsePrivateKey()).getValue();
BigInteger y = p.getG().modPow(x, p.getP());
v.add(new ASN1Integer(y));
v.add(new ASN1Integer(x));
encoding = new DERSequence(v).getEncoded();
} else if (algOID.equals(X9ObjectIdentifiers.id_ecPublicKey)) {
type = "EC PRIVATE KEY";
encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
} else {
type = "PRIVATE KEY";
encoding = info.getEncoded();
}
} else if (o instanceof SubjectPublicKeyInfo) {
type = "PUBLIC KEY";
encoding = ((SubjectPublicKeyInfo) o).getEncoded();
} else if (o instanceof X509AttributeCertificateHolder) {
type = "ATTRIBUTE CERTIFICATE";
encoding = ((X509AttributeCertificateHolder) o).getEncoded();
} else if (o instanceof com.github.zhenwei.pkix.pkcs.PKCS10CertificationRequest) {
type = "CERTIFICATE REQUEST";
encoding = ((PKCS10CertificationRequest) o).getEncoded();
} else if (o instanceof PKCS8EncryptedPrivateKeyInfo) {
type = "ENCRYPTED PRIVATE KEY";
encoding = ((PKCS8EncryptedPrivateKeyInfo) o).getEncoded();
} else if (o instanceof ContentInfo) {
type = "PKCS7";
encoding = ((ContentInfo) o).getEncoded();
} else {
throw new PemGenerationException("unknown object passed - can't encode.");
}
if (encryptor != null) {
String dekAlgName = Strings.toUpperCase(encryptor.getAlgorithm());
// Note: For backward compatibility
if (dekAlgName.equals("DESEDE")) {
dekAlgName = "DES-EDE3-CBC";
}
byte[] iv = encryptor.getIV();
byte[] encData = encryptor.encrypt(encoding);
List headers = new ArrayList(2);
headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv)));
return new PemObject(type, headers, encData);
}
return new PemObject(type, encoding);
}
use of com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder in project LinLong-Java by zhenwei1108.
the class CMSUtils method getAttributeCertificatesFromStore.
static List getAttributeCertificatesFromStore(Store attrStore) throws CMSException {
List certs = new ArrayList();
try {
for (Iterator it = attrStore.getMatches(null).iterator(); it.hasNext(); ) {
X509AttributeCertificateHolder attrCert = (X509AttributeCertificateHolder) it.next();
certs.add(new DERTaggedObject(false, 2, attrCert.toASN1Structure()));
}
return certs;
} catch (ClassCastException e) {
throw new CMSException("error processing certs", e);
}
}
use of com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder in project LinLong-Java by zhenwei1108.
the class X509AttributeCertificateHolderSelector method match.
/**
* Decides if the given attribute certificate should be selected.
*
* @param obj The X509AttributeCertificateHolder which should be checked.
* @return <code>true</code> if the attribute certificate is a match
* <code>false</code> otherwise.
*/
public boolean match(Object obj) {
if (!(obj instanceof X509AttributeCertificateHolder)) {
return false;
}
X509AttributeCertificateHolder attrCert = (X509AttributeCertificateHolder) obj;
if (this.attributeCert != null) {
if (!this.attributeCert.equals(attrCert)) {
return false;
}
}
if (serialNumber != null) {
if (!attrCert.getSerialNumber().equals(serialNumber)) {
return false;
}
}
if (holder != null) {
if (!attrCert.getHolder().equals(holder)) {
return false;
}
}
if (issuer != null) {
if (!attrCert.getIssuer().equals(issuer)) {
return false;
}
}
if (attributeCertificateValid != null) {
if (!attrCert.isValidOn(attributeCertificateValid)) {
return false;
}
}
if (!targetNames.isEmpty() || !targetGroups.isEmpty()) {
Extension targetInfoExt = attrCert.getExtension(Extension.targetInformation);
if (targetInfoExt != null) {
TargetInformation targetinfo;
try {
targetinfo = TargetInformation.getInstance(targetInfoExt.getParsedValue());
} catch (IllegalArgumentException e) {
return false;
}
Targets[] targetss = targetinfo.getTargetsObjects();
if (!targetNames.isEmpty()) {
boolean found = false;
for (int i = 0; i < targetss.length; i++) {
Targets t = targetss[i];
Target[] targets = t.getTargets();
for (int j = 0; j < targets.length; j++) {
if (targetNames.contains(GeneralName.getInstance(targets[j].getTargetName()))) {
found = true;
break;
}
}
}
if (!found) {
return false;
}
}
if (!targetGroups.isEmpty()) {
boolean found = false;
for (int i = 0; i < targetss.length; i++) {
Targets t = targetss[i];
Target[] targets = t.getTargets();
for (int j = 0; j < targets.length; j++) {
if (targetGroups.contains(GeneralName.getInstance(targets[j].getTargetGroup()))) {
found = true;
break;
}
}
}
if (!found) {
return false;
}
}
}
}
return true;
}
Aggregations