Search in sources :

Example 36 with ASN1Null

use of com.unboundid.asn1.ASN1Null in project LinLong-Java by zhenwei1108.

the class ASN1Dump method _dumpAsString.

/**
 * dump a DER object as a formatted string with indentation
 *
 * @param obj the ASN1Primitive to be dumped out.
 */
static void _dumpAsString(String indent, boolean verbose, ASN1Primitive obj, StringBuffer buf) {
    String nl = Strings.lineSeparator();
    if (obj instanceof ASN1Null) {
        buf.append(indent);
        buf.append("NULL");
        buf.append(nl);
    } else if (obj instanceof ASN1Sequence) {
        buf.append(indent);
        if (obj instanceof BERSequence) {
            buf.append("BER Sequence");
        } else if (obj instanceof DERSequence) {
            buf.append("DER Sequence");
        } else {
            buf.append("Sequence");
        }
        buf.append(nl);
        ASN1Sequence sequence = (ASN1Sequence) obj;
        String elementsIndent = indent + TAB;
        for (int i = 0, count = sequence.size(); i < count; ++i) {
            _dumpAsString(elementsIndent, verbose, sequence.getObjectAt(i).toASN1Primitive(), buf);
        }
    } else if (obj instanceof ASN1Set) {
        buf.append(indent);
        if (obj instanceof BERSet) {
            buf.append("BER Set");
        } else if (obj instanceof DERSet) {
            buf.append("DER Set");
        } else {
            buf.append("Set");
        }
        buf.append(nl);
        ASN1Set set = (ASN1Set) obj;
        String elementsIndent = indent + TAB;
        for (int i = 0, count = set.size(); i < count; ++i) {
            _dumpAsString(elementsIndent, verbose, set.getObjectAt(i).toASN1Primitive(), buf);
        }
    } else if (obj instanceof ASN1ApplicationSpecific) {
        _dumpAsString(indent, verbose, ((ASN1ApplicationSpecific) obj).getTaggedObject(), buf);
    } else if (obj instanceof ASN1TaggedObject) {
        buf.append(indent);
        if (obj instanceof BERTaggedObject) {
            buf.append("BER Tagged ");
        } else if (obj instanceof DERTaggedObject) {
            buf.append("DER Tagged ");
        } else {
            buf.append("Tagged ");
        }
        ASN1TaggedObject o = (ASN1TaggedObject) obj;
        buf.append(ASN1Util.getTagText(o));
        if (!o.isExplicit()) {
            buf.append(" IMPLICIT ");
        }
        buf.append(nl);
        String baseIndent = indent + TAB;
        _dumpAsString(baseIndent, verbose, o.getBaseObject().toASN1Primitive(), buf);
    } else if (obj instanceof ASN1OctetString) {
        ASN1OctetString oct = (ASN1OctetString) obj;
        if (obj instanceof BEROctetString) {
            buf.append(indent + "BER Constructed Octet String" + "[" + oct.getOctets().length + "] ");
        } else {
            buf.append(indent + "DER Octet String" + "[" + oct.getOctets().length + "] ");
        }
        if (verbose) {
            buf.append(dumpBinaryDataAsString(indent, oct.getOctets()));
        } else {
            buf.append(nl);
        }
    } else if (obj instanceof ASN1ObjectIdentifier) {
        buf.append(indent + "ObjectIdentifier(" + ((ASN1ObjectIdentifier) obj).getId() + ")" + nl);
    } else if (obj instanceof ASN1RelativeOID) {
        buf.append(indent + "RelativeOID(" + ((ASN1RelativeOID) obj).getId() + ")" + nl);
    } else if (obj instanceof ASN1Boolean) {
        buf.append(indent + "Boolean(" + ((ASN1Boolean) obj).isTrue() + ")" + nl);
    } else if (obj instanceof ASN1Integer) {
        buf.append(indent + "Integer(" + ((ASN1Integer) obj).getValue() + ")" + nl);
    } else if (obj instanceof ASN1BitString) {
        ASN1BitString bitString = (ASN1BitString) obj;
        byte[] bytes = bitString.getBytes();
        int padBits = bitString.getPadBits();
        if (bitString instanceof DERBitString) {
            buf.append(indent + "DER Bit String" + "[" + bytes.length + ", " + padBits + "] ");
        } else if (bitString instanceof DLBitString) {
            buf.append(indent + "DL Bit String" + "[" + bytes.length + ", " + padBits + "] ");
        } else {
            buf.append(indent + "BER Bit String" + "[" + bytes.length + ", " + padBits + "] ");
        }
        if (verbose) {
            buf.append(dumpBinaryDataAsString(indent, bytes));
        } else {
            buf.append(nl);
        }
    } else if (obj instanceof ASN1IA5String) {
        buf.append(indent + "IA5String(" + ((ASN1IA5String) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1UTF8String) {
        buf.append(indent + "UTF8String(" + ((ASN1UTF8String) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1NumericString) {
        buf.append(indent + "NumericString(" + ((ASN1NumericString) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1PrintableString) {
        buf.append(indent + "PrintableString(" + ((ASN1PrintableString) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1VisibleString) {
        buf.append(indent + "VisibleString(" + ((ASN1VisibleString) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1BMPString) {
        buf.append(indent + "BMPString(" + ((ASN1BMPString) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1T61String) {
        buf.append(indent + "T61String(" + ((ASN1T61String) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1GraphicString) {
        buf.append(indent + "GraphicString(" + ((ASN1GraphicString) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1VideotexString) {
        buf.append(indent + "VideotexString(" + ((ASN1VideotexString) obj).getString() + ") " + nl);
    } else if (obj instanceof ASN1UTCTime) {
        buf.append(indent + "UTCTime(" + ((ASN1UTCTime) obj).getTime() + ") " + nl);
    } else if (obj instanceof ASN1GeneralizedTime) {
        buf.append(indent + "GeneralizedTime(" + ((ASN1GeneralizedTime) obj).getTime() + ") " + nl);
    } else if (obj instanceof ASN1Enumerated) {
        ASN1Enumerated en = (ASN1Enumerated) obj;
        buf.append(indent + "DER Enumerated(" + en.getValue() + ")" + nl);
    } else if (obj instanceof ASN1ObjectDescriptor) {
        ASN1ObjectDescriptor od = (ASN1ObjectDescriptor) obj;
        buf.append(indent + "ObjectDescriptor(" + od.getBaseGraphicString().getString() + ") " + nl);
    } else if (obj instanceof ASN1External) {
        ASN1External ext = (ASN1External) obj;
        buf.append(indent + "External " + nl);
        String tab = indent + TAB;
        if (ext.getDirectReference() != null) {
            buf.append(tab + "Direct Reference: " + ext.getDirectReference().getId() + nl);
        }
        if (ext.getIndirectReference() != null) {
            buf.append(tab + "Indirect Reference: " + ext.getIndirectReference().toString() + nl);
        }
        if (ext.getDataValueDescriptor() != null) {
            _dumpAsString(tab, verbose, ext.getDataValueDescriptor(), buf);
        }
        buf.append(tab + "Encoding: " + ext.getEncoding() + nl);
        _dumpAsString(tab, verbose, ext.getExternalContent(), buf);
    } else {
        buf.append(indent + obj.toString() + nl);
    }
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) ASN1TaggedObject(com.github.zhenwei.core.asn1.ASN1TaggedObject) ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString) ASN1UTCTime(com.github.zhenwei.core.asn1.ASN1UTCTime) ASN1GeneralizedTime(com.github.zhenwei.core.asn1.ASN1GeneralizedTime) ASN1IA5String(com.github.zhenwei.core.asn1.ASN1IA5String) ASN1T61String(com.github.zhenwei.core.asn1.ASN1T61String) ASN1BitString(com.github.zhenwei.core.asn1.ASN1BitString) ASN1UTF8String(com.github.zhenwei.core.asn1.ASN1UTF8String) ASN1VisibleString(com.github.zhenwei.core.asn1.ASN1VisibleString) ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) ASN1NumericString(com.github.zhenwei.core.asn1.ASN1NumericString) BEROctetString(com.github.zhenwei.core.asn1.BEROctetString) ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString) ASN1VideotexString(com.github.zhenwei.core.asn1.ASN1VideotexString) DERBitString(com.github.zhenwei.core.asn1.DERBitString) ASN1PrintableString(com.github.zhenwei.core.asn1.ASN1PrintableString) DLBitString(com.github.zhenwei.core.asn1.DLBitString) ASN1GraphicString(com.github.zhenwei.core.asn1.ASN1GraphicString) DLBitString(com.github.zhenwei.core.asn1.DLBitString) DERSet(com.github.zhenwei.core.asn1.DERSet) ASN1BitString(com.github.zhenwei.core.asn1.ASN1BitString) ASN1External(com.github.zhenwei.core.asn1.ASN1External) ASN1T61String(com.github.zhenwei.core.asn1.ASN1T61String) DERSequence(com.github.zhenwei.core.asn1.DERSequence) BEROctetString(com.github.zhenwei.core.asn1.BEROctetString) ASN1Enumerated(com.github.zhenwei.core.asn1.ASN1Enumerated) BERTaggedObject(com.github.zhenwei.core.asn1.BERTaggedObject) ASN1ObjectDescriptor(com.github.zhenwei.core.asn1.ASN1ObjectDescriptor) BERSet(com.github.zhenwei.core.asn1.BERSet) ASN1NumericString(com.github.zhenwei.core.asn1.ASN1NumericString) ASN1UTF8String(com.github.zhenwei.core.asn1.ASN1UTF8String) ASN1GraphicString(com.github.zhenwei.core.asn1.ASN1GraphicString) DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject) BERSequence(com.github.zhenwei.core.asn1.BERSequence) ASN1ApplicationSpecific(com.github.zhenwei.core.asn1.ASN1ApplicationSpecific) DERBitString(com.github.zhenwei.core.asn1.DERBitString) ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer) ASN1RelativeOID(com.github.zhenwei.core.asn1.ASN1RelativeOID) ASN1VideotexString(com.github.zhenwei.core.asn1.ASN1VideotexString) ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence) ASN1Set(com.github.zhenwei.core.asn1.ASN1Set) ASN1VisibleString(com.github.zhenwei.core.asn1.ASN1VisibleString) ASN1IA5String(com.github.zhenwei.core.asn1.ASN1IA5String) ASN1PrintableString(com.github.zhenwei.core.asn1.ASN1PrintableString) ASN1Boolean(com.github.zhenwei.core.asn1.ASN1Boolean) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) ASN1Null(com.github.zhenwei.core.asn1.ASN1Null)

Example 37 with ASN1Null

use of com.unboundid.asn1.ASN1Null in project LinLong-Java by zhenwei1108.

the class CRMFHelper method createContentCipher.

Cipher createContentCipher(final Key sKey, final AlgorithmIdentifier encryptionAlgID) throws CRMFException {
    return (Cipher) execute(new JCECallback() {

        public Object doInJCE() throws CRMFException, InvalidAlgorithmParameterException, InvalidKeyException, InvalidParameterSpecException, NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException {
            Cipher cipher = createCipher(encryptionAlgID.getAlgorithm());
            ASN1Primitive sParams = (ASN1Primitive) encryptionAlgID.getParameters();
            ASN1ObjectIdentifier encAlg = encryptionAlgID.getAlgorithm();
            if (sParams != null && !(sParams instanceof ASN1Null)) {
                try {
                    AlgorithmParameters params = createAlgorithmParameters(encryptionAlgID.getAlgorithm());
                    try {
                        AlgorithmParametersUtils.loadParameters(params, sParams);
                    } catch (IOException e) {
                        throw new CRMFException("error decoding algorithm parameters.", e);
                    }
                    cipher.init(Cipher.DECRYPT_MODE, sKey, params);
                } catch (NoSuchAlgorithmException e) {
                    if (encAlg.equals(CMSAlgorithm.DES_EDE3_CBC) || encAlg.equals(CMSAlgorithm.IDEA_CBC) || encAlg.equals(CMSAlgorithm.AES128_CBC) || encAlg.equals(CMSAlgorithm.AES192_CBC) || encAlg.equals(CMSAlgorithm.AES256_CBC)) {
                        cipher.init(Cipher.DECRYPT_MODE, sKey, new IvParameterSpec(ASN1OctetString.getInstance(sParams).getOctets()));
                    } else {
                        throw e;
                    }
                }
            } else {
                if (encAlg.equals(CMSAlgorithm.DES_EDE3_CBC) || encAlg.equals(CMSAlgorithm.IDEA_CBC) || encAlg.equals(CMSAlgorithm.CAST5_CBC)) {
                    cipher.init(Cipher.DECRYPT_MODE, sKey, new IvParameterSpec(new byte[8]));
                } else {
                    cipher.init(Cipher.DECRYPT_MODE, sKey);
                }
            }
            return cipher;
        }
    });
}
Also used : CRMFException(com.github.zhenwei.pkix.cert.crmf.CRMFException) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ASN1Primitive(com.github.zhenwei.core.asn1.ASN1Primitive) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) ASN1Null(com.github.zhenwei.core.asn1.ASN1Null) AlgorithmParameters(java.security.AlgorithmParameters)

Example 38 with ASN1Null

use of com.unboundid.asn1.ASN1Null in project LinLong-Java by zhenwei1108.

the class EnvelopedDataHelper method createContentCipher.

public Cipher createContentCipher(final Key sKey, final AlgorithmIdentifier encryptionAlgID) throws CMSException {
    return (Cipher) execute(new JCECallback() {

        public Object doInJCE() throws CMSException, InvalidAlgorithmParameterException, InvalidKeyException, InvalidParameterSpecException, NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException {
            Cipher cipher = createCipher(encryptionAlgID.getAlgorithm());
            ASN1Encodable sParams = encryptionAlgID.getParameters();
            String encAlg = encryptionAlgID.getAlgorithm().getId();
            if (sParams != null && !(sParams instanceof ASN1Null)) {
                try {
                    AlgorithmParameters params = createAlgorithmParameters(encryptionAlgID.getAlgorithm());
                    CMSUtils.loadParameters(params, sParams);
                    cipher.init(Cipher.DECRYPT_MODE, sKey, params);
                } catch (NoSuchAlgorithmException e) {
                    if (encAlg.equals(CMSAlgorithm.DES_CBC.getId()) || encAlg.equals(CMSEnvelopedDataGenerator.DES_EDE3_CBC) || encAlg.equals(CMSEnvelopedDataGenerator.IDEA_CBC) || encAlg.equals(CMSEnvelopedDataGenerator.AES128_CBC) || encAlg.equals(CMSEnvelopedDataGenerator.AES192_CBC) || encAlg.equals(CMSEnvelopedDataGenerator.AES256_CBC)) {
                        cipher.init(Cipher.DECRYPT_MODE, sKey, new IvParameterSpec(ASN1OctetString.getInstance(sParams).getOctets()));
                    } else {
                        throw e;
                    }
                }
            } else {
                if (encAlg.equals(CMSAlgorithm.DES_CBC.getId()) || encAlg.equals(CMSEnvelopedDataGenerator.DES_EDE3_CBC) || encAlg.equals(CMSEnvelopedDataGenerator.IDEA_CBC) || encAlg.equals(CMSEnvelopedDataGenerator.CAST5_CBC)) {
                    cipher.init(Cipher.DECRYPT_MODE, sKey, new IvParameterSpec(new byte[8]));
                } else {
                    cipher.init(Cipher.DECRYPT_MODE, sKey);
                }
            }
            return cipher;
        }
    });
}
Also used : IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable) ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ASN1Null(com.github.zhenwei.core.asn1.ASN1Null) AlgorithmParameters(java.security.AlgorithmParameters)

Example 39 with ASN1Null

use of com.unboundid.asn1.ASN1Null in project LinLong-Java by zhenwei1108.

the class EnvelopedDataHelper method createContentMac.

Mac createContentMac(final Key sKey, final AlgorithmIdentifier macAlgId) throws CMSException {
    return (Mac) execute(new JCECallback() {

        public Object doInJCE() throws CMSException, InvalidAlgorithmParameterException, InvalidKeyException, InvalidParameterSpecException, NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException {
            Mac mac = createMac(macAlgId.getAlgorithm());
            ASN1Encodable sParams = macAlgId.getParameters();
            String macAlg = macAlgId.getAlgorithm().getId();
            if (sParams != null && !(sParams instanceof ASN1Null)) {
                try {
                    AlgorithmParameters params = createAlgorithmParameters(macAlgId.getAlgorithm());
                    CMSUtils.loadParameters(params, sParams);
                    mac.init(sKey, params.getParameterSpec(AlgorithmParameterSpec.class));
                } catch (NoSuchAlgorithmException e) {
                    throw e;
                }
            } else {
                mac.init(sKey);
            }
            return mac;
        }
    });
}
Also used : ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable) ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec) Mac(javax.crypto.Mac) ASN1Null(com.github.zhenwei.core.asn1.ASN1Null) AlgorithmParameters(java.security.AlgorithmParameters)

Example 40 with ASN1Null

use of com.unboundid.asn1.ASN1Null in project openkeystore by cyberphone.

the class CA method createCert.

public X509Certificate createCert(CertSpec certSpec, DistinguishedName issuerName, BigInteger serialNumber, Date startDate, Date endDate, AsymKeySignerInterface signer, PublicKey issuerPublicKey, PublicKey subjectPublicKey) throws IOException, GeneralSecurityException {
    Extensions extensions = new Extensions();
    BaseASN1Object version = new CompositeContextSpecific(0, new ASN1Integer(2));
    DistinguishedName subjectName = certSpec.getSubjectDistinguishedName();
    BaseASN1Object validity = new ASN1Sequence(new BaseASN1Object[] { getASN1Time(startDate), getASN1Time(endDate) });
    AsymSignatureAlgorithms certSignAlg = signer.getAlgorithm();
    BaseASN1Object signatureAlgorithm = new ASN1Sequence(certSignAlg.getKeyType() == KeyTypes.RSA ? new BaseASN1Object[] { new ASN1ObjectID(certSignAlg.getOid()), // Relic from the RSA hey-days...
    new ASN1Null() } : new BaseASN1Object[] { new ASN1ObjectID(certSignAlg.getOid()) });
    BaseASN1Object subjectPublicKeyInfo = DerDecoder.decode(subjectPublicKey.getEncoded());
    // ////////////////////////////////////////////////////
    if (certSpec.endEntity) {
        extensions.add(CertificateExtensions.BASIC_CONSTRAINTS, false, new ASN1Sequence(new BaseASN1Object[] {}));
    }
    // ////////////////////////////////////////////////////
    if (certSpec.caCert) {
        extensions.add(CertificateExtensions.BASIC_CONSTRAINTS, true, new ASN1Sequence(new ASN1Boolean(true)));
    }
    // ////////////////////////////////////////////////////
    if (!certSpec.keyUsageSet.isEmpty()) {
        int i = 0;
        for (KeyUsageBits kubit : certSpec.keyUsageSet) {
            i |= 1 << kubit.ordinal();
        }
        byte[] keyUsage = new byte[i > 255 ? 2 : 1];
        keyUsage[0] = reverseBits(i);
        if (i > 255) {
            keyUsage[1] = reverseBits(i >> 8);
        }
        extensions.add(CertificateExtensions.KEY_USAGE, true, new ASN1BitString(keyUsage));
    }
    // ////////////////////////////////////////////////////
    if (!certSpec.extendedKeyUsageSet.isEmpty()) {
        int i = 0;
        BaseASN1Object[] ekus = new BaseASN1Object[certSpec.extendedKeyUsageSet.size()];
        for (ExtendedKeyUsages eku : certSpec.extendedKeyUsageSet.toArray(new ExtendedKeyUsages[0])) {
            ekus[i++] = new ASN1ObjectID(eku.getOID());
        }
        extensions.add(CertificateExtensions.EXTENDED_KEY_USAGE, false, new ASN1Sequence(ekus));
    }
    // ////////////////////////////////////////////////////
    if (certSpec.skiExtension) {
        extensions.add(CertificateExtensions.SUBJECT_KEY_IDENTIFIER, createKeyID(subjectPublicKey));
    }
    // ////////////////////////////////////////////////////
    if (certSpec.akiExtension) {
        extensions.add(CertificateExtensions.AUTHORITY_KEY_IDENTIFIER, new ASN1Sequence(new SimpleContextSpecific(0, createKeyID(issuerPublicKey))));
    }
    // ////////////////////////////////////////////////////
    if (!certSpec.subjectAltName.isEmpty()) {
        int i = 0;
        BaseASN1Object[] san = new BaseASN1Object[certSpec.subjectAltName.size()];
        for (CertSpec.NameValue nameValue : certSpec.subjectAltName) {
            int type = nameValue.name;
            // We currently only handle simple IA5String types.
            if (type == SubjectAltNameTypes.RFC822_NAME || type == SubjectAltNameTypes.DNS_NAME || type == SubjectAltNameTypes.UNIFORM_RESOURCE_IDENTIFIER) {
                if (!(nameValue.value instanceof ASN1IA5String)) {
                    throw new IOException("Wrong argument type to SubjectAltNames of type " + type);
                }
            } else // Or IP addresses.
            if (type == SubjectAltNameTypes.IP_ADDRESS) {
                if (!(nameValue.value instanceof ASN1OctetString)) {
                    throw new IOException("Wrong argument type to SubjectAltNames of type IP address");
                }
            } else {
                throw new IOException("SubjectAltNames of type " + type + " are not handled.");
            }
            san[i++] = new SimpleContextSpecific(type, nameValue.value);
        }
        extensions.add(CertificateExtensions.SUBJECT_ALT_NAME, new ASN1Sequence(san));
    }
    // ////////////////////////////////////////////////////
    if (!certSpec.certPolicyOids.isEmpty()) {
        int i = 0;
        BaseASN1Object[] policies = new BaseASN1Object[certSpec.certPolicyOids.size()];
        for (String oid : certSpec.certPolicyOids) {
            policies[i++] = new ASN1Sequence(new ASN1ObjectID(oid));
        }
        extensions.add(CertificateExtensions.CERTIFICATE_POLICIES, new ASN1Sequence(policies));
    }
    // ////////////////////////////////////////////////////
    if (!certSpec.aiaLocators.isEmpty()) {
        int i = 0;
        BaseASN1Object[] locators = new BaseASN1Object[certSpec.aiaLocators.size()];
        for (String[] loc_info : certSpec.aiaLocators) {
            locators[i++] = new ASN1Sequence(new BaseASN1Object[] { new ASN1ObjectID(loc_info[0]), new SimpleContextSpecific(6, new ASN1IA5String(loc_info[1])) });
        }
        extensions.add(CertificateExtensions.AUTHORITY_INFO_ACCESS, new ASN1Sequence(locators));
    }
    // ////////////////////////////////////////////////////
    if (!certSpec.crlDistPoints.isEmpty()) {
        int i = 0;
        BaseASN1Object[] cdps = new BaseASN1Object[certSpec.crlDistPoints.size()];
        for (String uri : certSpec.crlDistPoints) {
            cdps[i++] = new ASN1Sequence(new CompositeContextSpecific(0, new CompositeContextSpecific(0, new SimpleContextSpecific(6, new ASN1IA5String(uri)))));
        }
        extensions.add(CertificateExtensions.CRL_DISTRIBUTION_POINTS, new ASN1Sequence(cdps));
    }
    // ////////////////////////////////////////////////////
    // Certificate Creation!
    // ////////////////////////////////////////////////////
    BaseASN1Object[] inner = new BaseASN1Object[extensions.isEmpty() ? 7 : 8];
    inner[0] = version;
    inner[1] = new ASN1Integer(serialNumber);
    inner[2] = signatureAlgorithm;
    inner[3] = issuerName.toASN1();
    inner[4] = validity;
    inner[5] = subjectName.toASN1();
    inner[6] = subjectPublicKeyInfo;
    if (!extensions.isEmpty()) {
        inner[7] = new CompositeContextSpecific(3, extensions.getExtensionData());
    }
    BaseASN1Object tbsCertificate = new ASN1Sequence(inner);
    BaseASN1Object signature = new ASN1BitString(signer.signData(tbsCertificate.encode()));
    byte[] certificate = new ASN1Sequence(new BaseASN1Object[] { tbsCertificate, signatureAlgorithm, signature }).encode();
    return CertificateUtil.getCertificateFromBlob(certificate);
}
Also used : ASN1OctetString(org.webpki.asn1.ASN1OctetString) KeyUsageBits(org.webpki.crypto.KeyUsageBits) DistinguishedName(org.webpki.asn1.cert.DistinguishedName) BaseASN1Object(org.webpki.asn1.BaseASN1Object) CompositeContextSpecific(org.webpki.asn1.CompositeContextSpecific) ASN1Integer(org.webpki.asn1.ASN1Integer) IOException(java.io.IOException) ASN1IA5String(org.webpki.asn1.ASN1IA5String) ASN1OctetString(org.webpki.asn1.ASN1OctetString) ASN1BitString(org.webpki.asn1.ASN1BitString) CertificateExtensions(org.webpki.crypto.CertificateExtensions) ExtendedKeyUsages(org.webpki.crypto.ExtendedKeyUsages) ASN1BitString(org.webpki.asn1.ASN1BitString) ASN1Sequence(org.webpki.asn1.ASN1Sequence) ASN1ObjectID(org.webpki.asn1.ASN1ObjectID) ASN1IA5String(org.webpki.asn1.ASN1IA5String) ASN1Boolean(org.webpki.asn1.ASN1Boolean) AsymSignatureAlgorithms(org.webpki.crypto.AsymSignatureAlgorithms) SimpleContextSpecific(org.webpki.asn1.SimpleContextSpecific) ASN1Null(org.webpki.asn1.ASN1Null)

Aggregations

ASN1Null (com.unboundid.asn1.ASN1Null)69 Test (org.testng.annotations.Test)65 ASN1BitString (com.unboundid.asn1.ASN1BitString)36 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)33 DN (com.unboundid.ldap.sdk.DN)33 OID (com.unboundid.util.OID)32 ASN1Sequence (com.unboundid.asn1.ASN1Sequence)28 ASN1ObjectIdentifier (com.unboundid.asn1.ASN1ObjectIdentifier)23 ASN1Integer (com.unboundid.asn1.ASN1Integer)21 ASN1Element (com.unboundid.asn1.ASN1Element)20 ASN1BigInteger (com.unboundid.asn1.ASN1BigInteger)15 ASN1GeneralizedTime (com.unboundid.asn1.ASN1GeneralizedTime)9 ASN1UTCTime (com.unboundid.asn1.ASN1UTCTime)6 ArrayList (java.util.ArrayList)6 ASN1Null (com.github.zhenwei.core.asn1.ASN1Null)5 Date (java.util.Date)5 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)3 ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)3 AlgorithmParameters (java.security.AlgorithmParameters)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3