Example 46 with Sequence
use of com.google.showcase.v1beta1.Sequence in project jss by dogtagpki.
the class PKCS12Util method createCertBagAttrs.
SET createCertBagAttrs(PKCS12CertInfo certInfo) throws Exception {
SET attrs = new SET();
String friendlyName = certInfo.getFriendlyName();
logger.debug(" Friendly name: " + friendlyName);
SEQUENCE nicknameAttr = new SEQUENCE();
nicknameAttr.addElement(SafeBag.FRIENDLY_NAME);
SET nicknameSet = new SET();
nicknameSet.addElement(new BMPString(friendlyName));
nicknameAttr.addElement(nicknameSet);
attrs.addElement(nicknameAttr);
String trustFlags = certInfo.getTrustFlags();
if (trustFlags != null && trustFlagsEnabled) {
logger.debug(" Trust flags: " + trustFlags);
SEQUENCE trustFlagsAttr = new SEQUENCE();
trustFlagsAttr.addElement(PKCS12.CERT_TRUST_FLAGS_OID);
SET trustFlagsSet = new SET();
trustFlagsSet.addElement(new BMPString(trustFlags));
trustFlagsAttr.addElement(trustFlagsSet);
attrs.addElement(trustFlagsAttr);
}
byte[] keyID = certInfo.getKeyID();
if (keyID != null) {
logger.debug(" Key ID: " + Utils.HexEncode(keyID));
SEQUENCE localKeyAttr = new SEQUENCE();
localKeyAttr.addElement(SafeBag.LOCAL_KEY_ID);
SET localKeySet = new SET();
localKeySet.addElement(new OCTET_STRING(keyID));
localKeyAttr.addElement(localKeySet);
attrs.addElement(localKeyAttr);
}
return attrs;
}
Also used :
SET(org.mozilla.jss.asn1.SET)
OCTET_STRING(org.mozilla.jss.asn1.OCTET_STRING)
SEQUENCE(org.mozilla.jss.asn1.SEQUENCE)
BMPString(org.mozilla.jss.asn1.BMPString)
BMPString(org.mozilla.jss.asn1.BMPString)
Example 47 with Sequence
use of com.google.showcase.v1beta1.Sequence in project jss by dogtagpki.
the class Attribute method encode.
@Override
public void encode(Tag implicit, OutputStream ostream) throws IOException {
SEQUENCE seq = new SEQUENCE();
seq.addElement(type);
seq.addElement(values);
seq.encode(implicit, ostream);
}
Also used :
SEQUENCE(org.mozilla.jss.asn1.SEQUENCE)
Example 48 with Sequence
use of com.google.showcase.v1beta1.Sequence in project jss by dogtagpki.
the class SignerInfo method verifyWithoutAuthenticatedAttributes.
/**
* Verifies that the message digest passed in, when encrypted with the
* given public key, matches the encrypted digest in the SignerInfo.
*/
private void verifyWithoutAuthenticatedAttributes(byte[] messageDigest, OBJECT_IDENTIFIER contentType, PublicKey pubkey) throws NotInitializedException, NoSuchAlgorithmException, InvalidKeyException, TokenException, SignatureException {
if (!contentType.equals(ContentInfo.DATA)) {
// to go into authenticatedAttributes.
throw new SignatureException("Content-Type is not DATA, but there are" + " no authenticated attributes");
}
SignatureAlgorithm sigAlg = SignatureAlgorithm.fromOID(digestEncryptionAlgorithm.getOID());
byte[] toBeVerified;
if (sigAlg.getRawAlg() == SignatureAlgorithm.RSASignature) {
// create DigestInfo structure
SEQUENCE digestInfo = new SEQUENCE();
digestInfo.addElement(new AlgorithmIdentifier(digestAlgorithm.getOID(), null));
digestInfo.addElement(new OCTET_STRING(messageDigest));
toBeVerified = ASN1Util.encode(digestInfo);
} else {
toBeVerified = messageDigest;
}
CryptoToken token = CryptoManager.getInstance().getInternalCryptoToken();
Signature sig = token.getSignatureContext(sigAlg);
sig.initVerify(pubkey);
sig.update(toBeVerified);
if (sig.verify(encryptedDigest.toByteArray())) {
// success
return;
} else {
throw new SignatureException("Encrypted message digest parameter does not " + "match encrypted digest in SignerInfo");
}
}
Also used :
OCTET_STRING(org.mozilla.jss.asn1.OCTET_STRING)
CryptoToken(org.mozilla.jss.crypto.CryptoToken)
SEQUENCE(org.mozilla.jss.asn1.SEQUENCE)
Signature(org.mozilla.jss.crypto.Signature)
SignatureAlgorithm(org.mozilla.jss.crypto.SignatureAlgorithm)
SignatureException(java.security.SignatureException)
AlgorithmIdentifier(org.mozilla.jss.pkix.primitive.AlgorithmIdentifier)
Example 49 with Sequence
use of com.google.showcase.v1beta1.Sequence in project jss by dogtagpki.
the class SignerInfo method encode.
@Override
public void encode(Tag tag, OutputStream ostream) throws IOException {
SEQUENCE sequence = new SEQUENCE();
sequence.addElement(version);
sequence.addElement(issuerAndSerialNumber);
sequence.addElement(digestAlgorithm);
if (authenticatedAttributes != null) {
sequence.addElement(new Tag(0), authenticatedAttributes);
}
sequence.addElement(digestEncryptionAlgorithm);
sequence.addElement(encryptedDigest);
if (unauthenticatedAttributes != null) {
sequence.addElement(new Tag(1), unauthenticatedAttributes);
}
sequence.encode(tag, ostream);
}Example 50 with Sequence
use of com.google.showcase.v1beta1.Sequence in project jss by dogtagpki.
the class CMCStatusInfoV2 method encode.
@Override
public void encode(Tag implicitTag, OutputStream ostream) throws IOException {
SEQUENCE seq = new SEQUENCE();
seq.addElement(status);
seq.addElement(bodyList);
if (statusString != null) {
seq.addElement(statusString);
}
if (otherInfo != null) {
seq.addElement(otherInfo);
}
seq.encode(implicitTag, ostream);
}
Also used :
SEQUENCE(org.mozilla.jss.asn1.SEQUENCE)
Aggregations
SEQUENCE (org.mozilla.jss.asn1.SEQUENCE)50
OCTET_STRING (org.mozilla.jss.asn1.OCTET_STRING)16
Sequence (org.sbolstandard.core2.Sequence)11
SET (org.mozilla.jss.asn1.SET)9
ANY (org.mozilla.jss.asn1.ANY)8
InvalidBERException (org.mozilla.jss.asn1.InvalidBERException)8
OBJECT_IDENTIFIER (org.mozilla.jss.asn1.OBJECT_IDENTIFIER)8
URI (java.net.URI)7
BMPString (org.mozilla.jss.asn1.BMPString)7
CryptoToken (org.mozilla.jss.crypto.CryptoToken)7
ASN1Value (org.mozilla.jss.asn1.ASN1Value)6
INTEGER (org.mozilla.jss.asn1.INTEGER)6
AuthenticatedSafes (org.mozilla.jss.pkcs12.AuthenticatedSafes)6
FileOutputStream (java.io.FileOutputStream)5
IOException (java.io.IOException)5
SignatureException (java.security.SignatureException)5
EXPLICIT (org.mozilla.jss.asn1.EXPLICIT)5
SafeBag (org.mozilla.jss.pkcs12.SafeBag)5
Certificate (org.mozilla.jss.pkix.cert.Certificate)5
ComponentDefinition (org.sbolstandard.core2.ComponentDefinition)5
