Search in sources :

Example 16 with ASN1Object

use of com.mindbright.asn1.ASN1Object in project android_frameworks_base by AOSPA.

the class ESTHandler method execute.

public void execute(boolean reenroll) throws IOException, GeneralSecurityException {
    URL caURL = new URL(mURL.getProtocol(), mURL.getHost(), mURL.getPort(), mURL.getFile() + CACERT_PATH);
    HTTPResponse response;
    try (HTTPHandler httpHandler = new HTTPHandler(StandardCharsets.ISO_8859_1, mSocketFactory, mUser, mPassword)) {
        response = httpHandler.doGetHTTP(caURL);
        if (!"application/pkcs7-mime".equals(response.getHeaders().get(HTTPMessage.ContentTypeHeader))) {
            throw new IOException("Unexpected Content-Type: " + response.getHeaders().get(HTTPMessage.ContentTypeHeader));
        }
        ByteBuffer octetBuffer = response.getBinaryPayload();
        Collection<Asn1Object> pkcs7Content1 = Asn1Decoder.decode(octetBuffer);
        for (Asn1Object asn1Object : pkcs7Content1) {
            Log.d(TAG, "---");
            Log.d(TAG, asn1Object.toString());
        }
        Log.d(TAG, CACERT_PATH);
        mCACerts.addAll(unpackPkcs7(octetBuffer));
        for (X509Certificate certificate : mCACerts) {
            Log.d(TAG, "CA-Cert: " + certificate.getSubjectX500Principal());
        }
        /*
            byte[] octets = new byte[octetBuffer.remaining()];
            octetBuffer.duplicate().get(octets);
            for (byte b : octets) {
                System.out.printf("%02x ", b & 0xff);
            }
            Log.d(TAG, );
            */
        /* + BC
            try {
                byte[] octets = new byte[octetBuffer.remaining()];
                octetBuffer.duplicate().get(octets);
                ASN1InputStream asnin = new ASN1InputStream(octets);
                for (int n = 0; n < 100; n++) {
                    ASN1Primitive object = asnin.readObject();
                    if (object == null) {
                        break;
                    }
                    parseObject(object, 0);
                }
            }
            catch (Throwable t) {
                t.printStackTrace();
            }

            Collection<Asn1Object> pkcs7Content = Asn1Decoder.decode(octetBuffer);
            for (Asn1Object asn1Object : pkcs7Content) {
                Log.d(TAG, asn1Object);
            }

            if (pkcs7Content.size() != 1) {
                throw new IOException("Unexpected pkcs 7 container: " + pkcs7Content.size());
            }

            Asn1Constructed pkcs7Root = (Asn1Constructed) pkcs7Content.iterator().next();
            Iterator<Asn1ID> certPath = Arrays.asList(Pkcs7CertPath).iterator();
            Asn1Object certObject = pkcs7Root.findObject(certPath);
            if (certObject == null || certPath.hasNext()) {
                throw new IOException("Failed to find cert; returned object " + certObject +
                        ", path " + (certPath.hasNext() ? "short" : "exhausted"));
            }

            ByteBuffer certOctets = certObject.getPayload();
            if (certOctets == null) {
                throw new IOException("No cert payload in: " + certObject);
            }

            byte[] certBytes = new byte[certOctets.remaining()];
            certOctets.get(certBytes);

            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
            Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(certBytes));
            Log.d(TAG, "EST Cert: " + cert);
            */
        URL csrURL = new URL(mURL.getProtocol(), mURL.getHost(), mURL.getPort(), mURL.getFile() + CSR_PATH);
        response = httpHandler.doGetHTTP(csrURL);
        octetBuffer = response.getBinaryPayload();
        byte[] csrData = buildCSR(octetBuffer, mOMADMAdapter, httpHandler);
        /**/
        Collection<Asn1Object> o = Asn1Decoder.decode(ByteBuffer.wrap(csrData));
        Log.d(TAG, "CSR:");
        Log.d(TAG, o.iterator().next().toString());
        Log.d(TAG, "End CSR.");
        /**/
        URL enrollURL = new URL(mURL.getProtocol(), mURL.getHost(), mURL.getPort(), mURL.getFile() + (reenroll ? SIMPLE_REENROLL_PATH : SIMPLE_ENROLL_PATH));
        String data = Base64.encodeToString(csrData, Base64.DEFAULT);
        octetBuffer = httpHandler.exchangeBinary(enrollURL, data, "application/pkcs10");
        Collection<Asn1Object> pkcs7Content2 = Asn1Decoder.decode(octetBuffer);
        for (Asn1Object asn1Object : pkcs7Content2) {
            Log.d(TAG, "---");
            Log.d(TAG, asn1Object.toString());
        }
        mClientCerts.addAll(unpackPkcs7(octetBuffer));
        for (X509Certificate cert : mClientCerts) {
            Log.d(TAG, cert.toString());
        }
    }
}
Also used : HTTPHandler(com.android.hotspot2.osu.HTTPHandler) HTTPResponse(com.android.hotspot2.utils.HTTPResponse) IOException(java.io.IOException) DERBitString(com.android.org.bouncycastle.asn1.DERBitString) DERPrintableString(com.android.org.bouncycastle.asn1.DERPrintableString) DERIA5String(com.android.org.bouncycastle.asn1.DERIA5String) ByteBuffer(java.nio.ByteBuffer) URL(java.net.URL) X509Certificate(java.security.cert.X509Certificate) Asn1Object(com.android.hotspot2.asn1.Asn1Object)

Example 17 with ASN1Object

use of com.mindbright.asn1.ASN1Object in project android_frameworks_base by AOSPA.

the class ESTHandler method unpackPkcs7.

private static List<X509Certificate> unpackPkcs7(ByteBuffer pkcs7) throws IOException, GeneralSecurityException {
    Collection<Asn1Object> pkcs7Content = Asn1Decoder.decode(pkcs7);
    if (pkcs7Content.size() != 1) {
        throw new IOException("Unexpected pkcs 7 container: " + pkcs7Content.size());
    }
    Asn1Object data = pkcs7Content.iterator().next();
    if (!data.isConstructed() || !data.matches(sSEQUENCE)) {
        throw new IOException("Expected SEQ OF, got " + data.toSimpleString());
    } else if (data.getChildren().size() != 2) {
        throw new IOException("Expected content info to have two children, got " + data.getChildren().size());
    }
    Iterator<Asn1Object> children = data.getChildren().iterator();
    Asn1Object contentType = children.next();
    if (!contentType.equals(Asn1Oid.PKCS7SignedData)) {
        throw new IOException("Content not PKCS7 signed data");
    }
    Asn1Object content = children.next();
    if (!content.isConstructed() || !content.matches(sCTXT0)) {
        throw new IOException("Expected [CONTEXT 0] with one child, got " + content.toSimpleString() + ", " + content.getChildren().size());
    }
    Asn1Object signedData = content.getChildren().iterator().next();
    Map<Integer, Asn1Object> itemMap = new HashMap<>();
    for (Asn1Object item : signedData.getChildren()) {
        if (itemMap.put(item.getTag(), item) != null && item.getTag() != Asn1Decoder.TAG_SET) {
            throw new IOException("Duplicate item in SignedData: " + item.toSimpleString());
        }
    }
    Asn1Object versionObject = itemMap.get(Asn1Decoder.TAG_INTEGER);
    if (versionObject == null || !(versionObject instanceof Asn1Integer)) {
        throw new IOException("Bad or missing PKCS7 version: " + versionObject);
    }
    int pkcs7version = (int) ((Asn1Integer) versionObject).getValue();
    Asn1Object innerContentInfo = itemMap.get(Asn1Decoder.TAG_SEQ);
    if (innerContentInfo == null || !innerContentInfo.isConstructed() || !innerContentInfo.matches(sSEQUENCE) || innerContentInfo.getChildren().size() != 1) {
        throw new IOException("Bad or missing PKCS7 contentInfo");
    }
    Asn1Object contentID = innerContentInfo.getChildren().iterator().next();
    if (pkcs7version == PKCS7DataVersion && !contentID.equals(Asn1Oid.PKCS7Data) || pkcs7version == PKCS7SignedDataVersion && !contentID.equals(Asn1Oid.PKCS7SignedData)) {
        throw new IOException("Inner PKCS7 content (" + contentID + ") not expected for version " + pkcs7version);
    }
    Asn1Object certWrapper = itemMap.get(0);
    if (certWrapper == null || !certWrapper.isConstructed() || !certWrapper.matches(sCTXT0)) {
        throw new IOException("Expected [CONTEXT 0], got: " + certWrapper);
    }
    List<X509Certificate> certList = new ArrayList<>(certWrapper.getChildren().size());
    CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    for (Asn1Object certObject : certWrapper.getChildren()) {
        ByteBuffer certOctets = ((Asn1Constructed) certObject).getEncoding();
        if (certOctets == null) {
            throw new IOException("No cert payload in: " + certObject);
        }
        byte[] certBytes = new byte[certOctets.remaining()];
        certOctets.get(certBytes);
        certList.add((X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(certBytes)));
    }
    return certList;
}
Also used : Asn1Constructed(com.android.hotspot2.asn1.Asn1Constructed) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) IOException(java.io.IOException) CertificateFactory(java.security.cert.CertificateFactory) ByteBuffer(java.nio.ByteBuffer) X509Certificate(java.security.cert.X509Certificate) Asn1Object(com.android.hotspot2.asn1.Asn1Object) Asn1Integer(com.android.hotspot2.asn1.Asn1Integer) ByteArrayInputStream(java.io.ByteArrayInputStream) Asn1Integer(com.android.hotspot2.asn1.Asn1Integer)

Example 18 with ASN1Object

use of com.mindbright.asn1.ASN1Object in project xipki by xipki.

the class P11ProxyResponder method processRequest.

/**
 * The request is constructed as follows:
 * <pre>
 * 0 - - - 1 - - - 2 - - - 3 - - - 4 - - - 5 - - - 6 - - - 7 - - - 8
 * |    Version    |        Transaction ID         |   Body ...    |
 * |   ... Length  |     Action    |   Module ID   |   Content...  |
 * |   .Content               | <-- 10 + Length (offset).
 *
 * </pre>
 */
byte[] processRequest(LocalP11CryptServicePool pool, byte[] request) {
    int reqLen = request.length;
    // TransactionID
    byte[] transactionId = new byte[4];
    if (reqLen > 5) {
        System.arraycopy(request, 2, transactionId, 0, 4);
    }
    // Action
    short action = P11ProxyConstants.ACTION_NOPE;
    if (reqLen > 11) {
        action = IoUtil.parseShort(request, 10);
    }
    if (reqLen < 14) {
        LOG.error("response too short");
        return getResp(P11ProxyConstants.VERSION_V1_0, transactionId, action, P11ProxyConstants.RC_BAD_REQUEST);
    }
    // Version
    short version = IoUtil.parseShort(request, 0);
    if (!versions.contains(version)) {
        LOG.error("unsupported version {}", version);
        return getResp(P11ProxyConstants.VERSION_V1_0, transactionId, action, P11ProxyConstants.RC_UNSUPPORTED_VERSION);
    }
    // Length
    int reqBodyLen = IoUtil.parseInt(request, 6);
    if (reqBodyLen + 10 != reqLen) {
        LOG.error("message length unmatch");
        return getResp(version, transactionId, action, P11ProxyConstants.RC_BAD_REQUEST);
    }
    short moduleId = IoUtil.parseShort(request, 12);
    int contentLen = reqLen - 14;
    byte[] content;
    if (contentLen == 0) {
        if (actionsRequireNonNullRequest.contains(action)) {
            LOG.error("content is not present but is required");
            return getResp(version, transactionId, P11ProxyConstants.RC_BAD_REQUEST, action);
        }
        content = null;
    } else {
        if (actionsRequireNullRequest.contains(action)) {
            LOG.error("content is present but is not permitted");
            return getResp(version, transactionId, P11ProxyConstants.RC_BAD_REQUEST, action);
        }
        content = new byte[contentLen];
        System.arraycopy(request, 14, content, 0, contentLen);
    }
    P11CryptService p11CryptService = pool.getP11CryptService(moduleId);
    if (p11CryptService == null) {
        LOG.error("no module {} available", moduleId);
        return getResp(version, transactionId, P11ProxyConstants.RC_UNKNOWN_MODULE, action);
    }
    try {
        switch(action) {
            case P11ProxyConstants.ACTION_ADD_CERT:
                {
                    Asn1EntityIdAndCert asn1 = Asn1EntityIdAndCert.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getEntityId());
                    X509Certificate cert = X509Util.toX509Cert(asn1.getCertificate());
                    slot.addCert(asn1.getEntityId().getObjectId().getObjectId(), cert);
                    return getSuccessResp(version, transactionId, action, (byte[]) null);
                }
            case P11ProxyConstants.ACTION_DIGEST_SECRETKEY:
                {
                    Asn1DigestSecretKeyTemplate template = Asn1DigestSecretKeyTemplate.getInstance(content);
                    long mechanism = template.getMechanism().getMechanism();
                    P11Identity identity = p11CryptService.getIdentity(template.getIdentityId().getEntityId());
                    byte[] hashValue = identity.digestSecretKey(mechanism);
                    ASN1Object obj = new DEROctetString(hashValue);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GEN_KEYPAIR_DSA:
                {
                    Asn1GenDSAKeypairParams asn1 = Asn1GenDSAKeypairParams.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getSlotId());
                    P11ObjectIdentifier keyId = slot.generateDSAKeypair(asn1.getP(), asn1.getQ(), asn1.getG(), asn1.getLabel(), asn1.getControl());
                    ASN1Object obj = new Asn1P11EntityIdentifier(asn1.getSlotId(), keyId);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GEN_KEYPAIR_EC:
                {
                    Asn1GenECKeypairParams asn1 = Asn1GenECKeypairParams.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getSlotId());
                    P11ObjectIdentifier keyId = slot.generateECKeypair(asn1.getCurveId().getId(), asn1.getLabel(), asn1.getControl());
                    ASN1Object obj = new Asn1P11EntityIdentifier(asn1.getSlotId(), keyId);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GEN_KEYPAIR_RSA:
                {
                    Asn1GenRSAKeypairParams asn1 = Asn1GenRSAKeypairParams.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getSlotId());
                    P11ObjectIdentifier keyId = slot.generateRSAKeypair(asn1.getKeysize(), asn1.getPublicExponent(), asn1.getLabel(), asn1.getControl());
                    ASN1Object obj = new Asn1P11EntityIdentifier(asn1.getSlotId(), keyId);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GEN_KEYPAIR_SM2:
                {
                    Asn1GenSM2KeypairParams asn1 = Asn1GenSM2KeypairParams.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getSlotId());
                    P11ObjectIdentifier keyId = slot.generateSM2Keypair(asn1.getLabel(), asn1.getControl());
                    ASN1Object obj = new Asn1P11EntityIdentifier(asn1.getSlotId(), keyId);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GEN_SECRET_KEY:
                {
                    Asn1GenSecretKeyParams asn1 = Asn1GenSecretKeyParams.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getSlotId());
                    P11ObjectIdentifier keyId = slot.generateSecretKey(asn1.getKeyType(), asn1.getKeysize(), asn1.getLabel(), asn1.getControl());
                    ASN1Object obj = new Asn1P11EntityIdentifier(asn1.getSlotId(), keyId);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GET_CERT:
                {
                    P11EntityIdentifier entityId = Asn1P11EntityIdentifier.getInstance(content).getEntityId();
                    X509Certificate cert = p11CryptService.getIdentity(entityId).getCertificate();
                    return getSuccessResp(version, transactionId, action, cert.getEncoded());
                }
            case P11ProxyConstants.ACTION_GET_CERT_IDS:
            case P11ProxyConstants.ACTION_GET_IDENTITY_IDS:
                {
                    Asn1P11SlotIdentifier slotId = Asn1P11SlotIdentifier.getInstance(content);
                    P11Slot slot = p11CryptService.getModule().getSlot(slotId.getSlotId());
                    Set<P11ObjectIdentifier> objectIds;
                    if (P11ProxyConstants.ACTION_GET_CERT_IDS == action) {
                        objectIds = slot.getCertIdentifiers();
                    } else {
                        objectIds = slot.getIdentityIdentifiers();
                    }
                    ASN1EncodableVector vec = new ASN1EncodableVector();
                    for (P11ObjectIdentifier objectId : objectIds) {
                        vec.add(new Asn1P11ObjectIdentifier(objectId));
                    }
                    ASN1Object obj = new DERSequence(vec);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GET_MECHANISMS:
                {
                    P11SlotIdentifier slotId = Asn1P11SlotIdentifier.getInstance(content).getSlotId();
                    Set<Long> mechs = p11CryptService.getSlot(slotId).getMechanisms();
                    ASN1EncodableVector vec = new ASN1EncodableVector();
                    for (Long mech : mechs) {
                        vec.add(new ASN1Integer(mech));
                    }
                    ASN1Object obj = new DERSequence(vec);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GET_PUBLICKEY:
                {
                    P11EntityIdentifier identityId = Asn1P11EntityIdentifier.getInstance(content).getEntityId();
                    PublicKey pubKey = p11CryptService.getIdentity(identityId).getPublicKey();
                    if (pubKey == null) {
                        throw new P11UnknownEntityException(identityId);
                    }
                    ASN1Object obj = KeyUtil.createSubjectPublicKeyInfo(pubKey);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GET_SERVER_CAPS:
                {
                    boolean readOnly = p11CryptService.getModule().isReadOnly();
                    ASN1Object obj = new Asn1ServerCaps(readOnly, versions);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_GET_SLOT_IDS:
                {
                    List<P11SlotIdentifier> slotIds = p11CryptService.getModule().getSlotIds();
                    ASN1EncodableVector vector = new ASN1EncodableVector();
                    for (P11SlotIdentifier slotId : slotIds) {
                        vector.add(new Asn1P11SlotIdentifier(slotId));
                    }
                    ASN1Object obj = new DERSequence(vector);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_IMPORT_SECRET_KEY:
                {
                    Asn1ImportSecretKeyParams asn1 = Asn1ImportSecretKeyParams.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getSlotId());
                    P11ObjectIdentifier keyId = slot.importSecretKey(asn1.getKeyType(), asn1.getKeyValue(), asn1.getLabel(), asn1.getControl());
                    ASN1Object obj = new Asn1P11EntityIdentifier(asn1.getSlotId(), keyId);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_REMOVE_CERTS:
                {
                    Asn1P11EntityIdentifier asn1 = Asn1P11EntityIdentifier.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1);
                    slot.removeCerts(asn1.getObjectId().getObjectId());
                    return getSuccessResp(version, transactionId, action, (byte[]) null);
                }
            case P11ProxyConstants.ACTION_REMOVE_IDENTITY:
                {
                    Asn1P11EntityIdentifier asn1 = Asn1P11EntityIdentifier.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1);
                    slot.removeIdentity(asn1.getObjectId().getObjectId());
                    return getSuccessResp(version, transactionId, action, (byte[]) null);
                }
            case P11ProxyConstants.ACTION_REMOVE_OBJECTS:
                {
                    Asn1RemoveObjectsParams asn1 = Asn1RemoveObjectsParams.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getSlotId());
                    int num = slot.removeObjects(asn1.getOjectId(), asn1.getObjectLabel());
                    ASN1Object obj = new ASN1Integer(num);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_SIGN:
                {
                    Asn1SignTemplate signTemplate = Asn1SignTemplate.getInstance(content);
                    long mechanism = signTemplate.getMechanism().getMechanism();
                    Asn1P11Params asn1Params = signTemplate.getMechanism().getParams();
                    P11Params params = null;
                    if (asn1Params != null) {
                        switch(asn1Params.getTagNo()) {
                            case Asn1P11Params.TAG_RSA_PKCS_PSS:
                                params = Asn1RSAPkcsPssParams.getInstance(asn1Params).getPkcsPssParams();
                                break;
                            case Asn1P11Params.TAG_OPAQUE:
                                params = new P11ByteArrayParams(ASN1OctetString.getInstance(asn1Params).getOctets());
                                break;
                            case Asn1P11Params.TAG_IV:
                                params = new P11IVParams(ASN1OctetString.getInstance(asn1Params).getOctets());
                                break;
                            default:
                                throw new BadAsn1ObjectException("unknown SignTemplate.params: unknown tag " + asn1Params.getTagNo());
                        }
                    }
                    byte[] message = signTemplate.getMessage();
                    P11Identity identity = p11CryptService.getIdentity(signTemplate.getIdentityId().getEntityId());
                    byte[] signature = identity.sign(mechanism, params, message);
                    ASN1Object obj = new DEROctetString(signature);
                    return getSuccessResp(version, transactionId, action, obj);
                }
            case P11ProxyConstants.ACTION_UPDATE_CERT:
                {
                    Asn1EntityIdAndCert asn1 = Asn1EntityIdAndCert.getInstance(content);
                    P11Slot slot = getSlot(p11CryptService, asn1.getEntityId());
                    slot.updateCertificate(asn1.getEntityId().getObjectId().getObjectId(), X509Util.toX509Cert(asn1.getCertificate()));
                    return getSuccessResp(version, transactionId, action, (byte[]) null);
                }
            default:
                {
                    LOG.error("unsupported XiPKI action code '{}'", action);
                    return getResp(version, transactionId, action, P11ProxyConstants.RC_UNSUPPORTED_ACTION);
                }
        }
    } catch (BadAsn1ObjectException ex) {
        LogUtil.error(LOG, ex, "could not process decode requested content (tid=" + Hex.encode(transactionId) + ")");
        return getResp(version, transactionId, action, P11ProxyConstants.RC_BAD_REQUEST);
    } catch (P11TokenException ex) {
        LogUtil.error(LOG, ex, buildErrorMsg(action, transactionId));
        short rc;
        if (ex instanceof P11UnknownEntityException) {
            rc = P11ProxyConstants.RC_DUPLICATE_ENTITY;
        } else if (ex instanceof P11DuplicateEntityException) {
            rc = P11ProxyConstants.RC_DUPLICATE_ENTITY;
        } else if (ex instanceof P11UnsupportedMechanismException) {
            rc = P11ProxyConstants.RC_UNSUPPORTED_MECHANISM;
        } else {
            rc = P11ProxyConstants.RC_P11_TOKENERROR;
        }
        return getResp(version, transactionId, action, rc);
    } catch (XiSecurityException | CertificateException | InvalidKeyException ex) {
        LogUtil.error(LOG, ex, buildErrorMsg(action, transactionId));
        return getResp(version, transactionId, action, P11ProxyConstants.RC_INTERNAL_ERROR);
    } catch (Throwable th) {
        LogUtil.error(LOG, th, buildErrorMsg(action, transactionId));
        return getResp(version, transactionId, action, P11ProxyConstants.RC_INTERNAL_ERROR);
    }
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) Asn1ServerCaps(org.xipki.p11proxy.msg.Asn1ServerCaps) P11TokenException(org.xipki.security.exception.P11TokenException) Asn1P11EntityIdentifier(org.xipki.p11proxy.msg.Asn1P11EntityIdentifier) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) CertificateException(java.security.cert.CertificateException) Asn1P11Params(org.xipki.p11proxy.msg.Asn1P11Params) P11Params(org.xipki.security.pkcs11.P11Params) Asn1RemoveObjectsParams(org.xipki.p11proxy.msg.Asn1RemoveObjectsParams) DEROctetString(org.bouncycastle.asn1.DEROctetString) P11DuplicateEntityException(org.xipki.security.exception.P11DuplicateEntityException) Asn1GenSecretKeyParams(org.xipki.p11proxy.msg.Asn1GenSecretKeyParams) Asn1P11EntityIdentifier(org.xipki.p11proxy.msg.Asn1P11EntityIdentifier) DERSequence(org.bouncycastle.asn1.DERSequence) XiSecurityException(org.xipki.security.exception.XiSecurityException) P11ByteArrayParams(org.xipki.security.pkcs11.P11ByteArrayParams) P11UnknownEntityException(org.xipki.security.exception.P11UnknownEntityException) Asn1DigestSecretKeyTemplate(org.xipki.p11proxy.msg.Asn1DigestSecretKeyTemplate) Asn1GenDSAKeypairParams(org.xipki.p11proxy.msg.Asn1GenDSAKeypairParams) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) List(java.util.List) Asn1ImportSecretKeyParams(org.xipki.p11proxy.msg.Asn1ImportSecretKeyParams) ASN1Object(org.bouncycastle.asn1.ASN1Object) Asn1P11Params(org.xipki.p11proxy.msg.Asn1P11Params) Asn1P11SlotIdentifier(org.xipki.p11proxy.msg.Asn1P11SlotIdentifier) P11SlotIdentifier(org.xipki.security.pkcs11.P11SlotIdentifier) PublicKey(java.security.PublicKey) Asn1SignTemplate(org.xipki.p11proxy.msg.Asn1SignTemplate) P11Slot(org.xipki.security.pkcs11.P11Slot) Asn1P11ObjectIdentifier(org.xipki.p11proxy.msg.Asn1P11ObjectIdentifier) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) P11Identity(org.xipki.security.pkcs11.P11Identity) InvalidKeyException(java.security.InvalidKeyException) P11CryptService(org.xipki.security.pkcs11.P11CryptService) X509Certificate(java.security.cert.X509Certificate) Asn1GenRSAKeypairParams(org.xipki.p11proxy.msg.Asn1GenRSAKeypairParams) Asn1EntityIdAndCert(org.xipki.p11proxy.msg.Asn1EntityIdAndCert) P11UnsupportedMechanismException(org.xipki.security.exception.P11UnsupportedMechanismException) Asn1GenSM2KeypairParams(org.xipki.p11proxy.msg.Asn1GenSM2KeypairParams) Asn1P11ObjectIdentifier(org.xipki.p11proxy.msg.Asn1P11ObjectIdentifier) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) Asn1GenECKeypairParams(org.xipki.p11proxy.msg.Asn1GenECKeypairParams) P11IVParams(org.xipki.security.pkcs11.P11IVParams) Asn1P11SlotIdentifier(org.xipki.p11proxy.msg.Asn1P11SlotIdentifier) BadAsn1ObjectException(org.xipki.security.exception.BadAsn1ObjectException)

Example 19 with ASN1Object

use of com.mindbright.asn1.ASN1Object in project titan.EclipsePlug-ins by eclipse.

the class ObjectClassSyntax_Parser method visitSetting.

@Override
public /**
 * {@inheritDoc}
 */
void visitSetting(final ObjectClassSyntax_setting parameter) {
    FieldSetting fieldSetting = null;
    switch(parameter.getSettingType()) {
        case S_T:
            final ASN1Type type = parseType();
            if (null != type) {
                fieldSetting = new FieldSetting_Type(parameter.getIdentifier().newInstance(), type);
                fieldSetting.setLocation(mBlock.getLocation());
            }
            break;
        case S_V:
            final Value value = parseValue();
            if (value != null) {
                fieldSetting = new FieldSetting_Value(parameter.getIdentifier().newInstance(), value);
                fieldSetting.setLocation(mBlock.getLocation());
            }
            break;
        case S_VS:
            // TODO mark as NOT SUPPORTED
            break;
        case S_O:
            final ASN1Object object = parseObject();
            if (null != object) {
                fieldSetting = new FieldSetting_Object(parameter.getIdentifier().newInstance(), object);
                fieldSetting.setLocation(mBlock.getLocation());
            }
            break;
        case S_OS:
            final ObjectSet objectSet = parseObjectSet();
            if (null != objectSet) {
                fieldSetting = new FieldSetting_ObjectSet(parameter.getIdentifier().newInstance(), objectSet);
                fieldSetting.setLocation(mBlock.getLocation());
            }
            break;
        case S_UNDEF:
        // FATAL ERROR
        default:
            break;
    }
    previousSuccess = null != fieldSetting;
    myObject.addFieldSetting(fieldSetting);
}
Also used : Value(org.eclipse.titan.designer.AST.Value) ASN1Type(org.eclipse.titan.designer.AST.ASN1.ASN1Type) ObjectSet(org.eclipse.titan.designer.AST.ASN1.ObjectSet) ASN1Object(org.eclipse.titan.designer.AST.ASN1.ASN1Object)

Example 20 with ASN1Object

use of com.mindbright.asn1.ASN1Object in project pdfbox by apache.

the class SigUtils method extractTimeStampTokenFromSignerInformation.

public static TimeStampToken extractTimeStampTokenFromSignerInformation(SignerInformation signerInformation) throws CMSException, IOException, TSPException {
    if (signerInformation.getUnsignedAttributes() == null) {
        return null;
    }
    AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
    // https://stackoverflow.com/questions/1647759/how-to-validate-if-a-signed-jar-contains-a-timestamp
    Attribute attribute = unsignedAttributes.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
    if (attribute == null) {
        return null;
    }
    ASN1Object obj = (ASN1Object) attribute.getAttrValues().getObjectAt(0);
    CMSSignedData signedTSTData = new CMSSignedData(obj.getEncoded());
    return new TimeStampToken(signedTSTData);
}
Also used : Attribute(org.bouncycastle.asn1.cms.Attribute) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) ASN1Object(org.bouncycastle.asn1.ASN1Object) TimeStampToken(org.bouncycastle.tsp.TimeStampToken) CMSSignedData(org.bouncycastle.cms.CMSSignedData)

Aggregations

IOException (java.io.IOException)35 Asn1Object (com.android.hotspot2.asn1.Asn1Object)25 ASN1Object (org.bouncycastle.asn1.ASN1Object)20 ArrayList (java.util.ArrayList)16 Asn1Constructed (com.android.hotspot2.asn1.Asn1Constructed)15 HashMap (java.util.HashMap)15 Asn1Object (io.churchkey.asn1.Asn1Object)13 DerParser (io.churchkey.asn1.DerParser)12 X509Certificate (java.security.cert.X509Certificate)12 Asn1Integer (com.android.hotspot2.asn1.Asn1Integer)10 DERBitString (com.android.org.bouncycastle.asn1.DERBitString)10 DERIA5String (com.android.org.bouncycastle.asn1.DERIA5String)10 DERPrintableString (com.android.org.bouncycastle.asn1.DERPrintableString)10 ByteBuffer (java.nio.ByteBuffer)10 Key (io.churchkey.Key)8 ByteArrayInputStream (java.io.ByteArrayInputStream)7 I18Name (com.android.anqp.I18Name)5 Asn1Oid (com.android.hotspot2.asn1.Asn1Oid)5 Asn1String (com.android.hotspot2.asn1.Asn1String)5 OidMappings (com.android.hotspot2.asn1.OidMappings)5