Example 46 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project xipki by xipki.
the class CaUtil method getChallengePassword.
// method getExtensions
public static String getChallengePassword(CertificationRequestInfo csr) {
notNull(csr, "csr");
ASN1Set attrs = csr.getAttributes();
for (int i = 0; i < attrs.size(); i++) {
Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
if (PKCSObjectIdentifiers.pkcs_9_at_challengePassword.equals(attr.getAttrType())) {
ASN1String str = (ASN1String) attr.getAttributeValues()[0];
return str.getString();
}
}
return null;
}
Also used :
ASN1Set(org.bouncycastle.asn1.ASN1Set)
Attribute(org.bouncycastle.asn1.pkcs.Attribute)
ASN1String(org.bouncycastle.asn1.ASN1String)
Example 47 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project LinLong-Java by zhenwei1108.
the class ASN1Dump method _dumpAsString.
/**
* dump a DER object as a formatted string with indentation
*
* @param obj the ASN1Primitive to be dumped out.
*/
static void _dumpAsString(String indent, boolean verbose, ASN1Primitive obj, StringBuffer buf) {
String nl = Strings.lineSeparator();
if (obj instanceof ASN1Null) {
buf.append(indent);
buf.append("NULL");
buf.append(nl);
} else if (obj instanceof ASN1Sequence) {
buf.append(indent);
if (obj instanceof BERSequence) {
buf.append("BER Sequence");
} else if (obj instanceof DERSequence) {
buf.append("DER Sequence");
} else {
buf.append("Sequence");
}
buf.append(nl);
ASN1Sequence sequence = (ASN1Sequence) obj;
String elementsIndent = indent + TAB;
for (int i = 0, count = sequence.size(); i < count; ++i) {
_dumpAsString(elementsIndent, verbose, sequence.getObjectAt(i).toASN1Primitive(), buf);
}
} else if (obj instanceof ASN1Set) {
buf.append(indent);
if (obj instanceof BERSet) {
buf.append("BER Set");
} else if (obj instanceof DERSet) {
buf.append("DER Set");
} else {
buf.append("Set");
}
buf.append(nl);
ASN1Set set = (ASN1Set) obj;
String elementsIndent = indent + TAB;
for (int i = 0, count = set.size(); i < count; ++i) {
_dumpAsString(elementsIndent, verbose, set.getObjectAt(i).toASN1Primitive(), buf);
}
} else if (obj instanceof ASN1ApplicationSpecific) {
_dumpAsString(indent, verbose, ((ASN1ApplicationSpecific) obj).getTaggedObject(), buf);
} else if (obj instanceof ASN1TaggedObject) {
buf.append(indent);
if (obj instanceof BERTaggedObject) {
buf.append("BER Tagged ");
} else if (obj instanceof DERTaggedObject) {
buf.append("DER Tagged ");
} else {
buf.append("Tagged ");
}
ASN1TaggedObject o = (ASN1TaggedObject) obj;
buf.append(ASN1Util.getTagText(o));
if (!o.isExplicit()) {
buf.append(" IMPLICIT ");
}
buf.append(nl);
String baseIndent = indent + TAB;
_dumpAsString(baseIndent, verbose, o.getBaseObject().toASN1Primitive(), buf);
} else if (obj instanceof ASN1OctetString) {
ASN1OctetString oct = (ASN1OctetString) obj;
if (obj instanceof BEROctetString) {
buf.append(indent + "BER Constructed Octet String" + "[" + oct.getOctets().length + "] ");
} else {
buf.append(indent + "DER Octet String" + "[" + oct.getOctets().length + "] ");
}
if (verbose) {
buf.append(dumpBinaryDataAsString(indent, oct.getOctets()));
} else {
buf.append(nl);
}
} else if (obj instanceof ASN1ObjectIdentifier) {
buf.append(indent + "ObjectIdentifier(" + ((ASN1ObjectIdentifier) obj).getId() + ")" + nl);
} else if (obj instanceof ASN1RelativeOID) {
buf.append(indent + "RelativeOID(" + ((ASN1RelativeOID) obj).getId() + ")" + nl);
} else if (obj instanceof ASN1Boolean) {
buf.append(indent + "Boolean(" + ((ASN1Boolean) obj).isTrue() + ")" + nl);
} else if (obj instanceof ASN1Integer) {
buf.append(indent + "Integer(" + ((ASN1Integer) obj).getValue() + ")" + nl);
} else if (obj instanceof ASN1BitString) {
ASN1BitString bitString = (ASN1BitString) obj;
byte[] bytes = bitString.getBytes();
int padBits = bitString.getPadBits();
if (bitString instanceof DERBitString) {
buf.append(indent + "DER Bit String" + "[" + bytes.length + ", " + padBits + "] ");
} else if (bitString instanceof DLBitString) {
buf.append(indent + "DL Bit String" + "[" + bytes.length + ", " + padBits + "] ");
} else {
buf.append(indent + "BER Bit String" + "[" + bytes.length + ", " + padBits + "] ");
}
if (verbose) {
buf.append(dumpBinaryDataAsString(indent, bytes));
} else {
buf.append(nl);
}
} else if (obj instanceof ASN1IA5String) {
buf.append(indent + "IA5String(" + ((ASN1IA5String) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1UTF8String) {
buf.append(indent + "UTF8String(" + ((ASN1UTF8String) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1NumericString) {
buf.append(indent + "NumericString(" + ((ASN1NumericString) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1PrintableString) {
buf.append(indent + "PrintableString(" + ((ASN1PrintableString) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1VisibleString) {
buf.append(indent + "VisibleString(" + ((ASN1VisibleString) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1BMPString) {
buf.append(indent + "BMPString(" + ((ASN1BMPString) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1T61String) {
buf.append(indent + "T61String(" + ((ASN1T61String) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1GraphicString) {
buf.append(indent + "GraphicString(" + ((ASN1GraphicString) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1VideotexString) {
buf.append(indent + "VideotexString(" + ((ASN1VideotexString) obj).getString() + ") " + nl);
} else if (obj instanceof ASN1UTCTime) {
buf.append(indent + "UTCTime(" + ((ASN1UTCTime) obj).getTime() + ") " + nl);
} else if (obj instanceof ASN1GeneralizedTime) {
buf.append(indent + "GeneralizedTime(" + ((ASN1GeneralizedTime) obj).getTime() + ") " + nl);
} else if (obj instanceof ASN1Enumerated) {
ASN1Enumerated en = (ASN1Enumerated) obj;
buf.append(indent + "DER Enumerated(" + en.getValue() + ")" + nl);
} else if (obj instanceof ASN1ObjectDescriptor) {
ASN1ObjectDescriptor od = (ASN1ObjectDescriptor) obj;
buf.append(indent + "ObjectDescriptor(" + od.getBaseGraphicString().getString() + ") " + nl);
} else if (obj instanceof ASN1External) {
ASN1External ext = (ASN1External) obj;
buf.append(indent + "External " + nl);
String tab = indent + TAB;
if (ext.getDirectReference() != null) {
buf.append(tab + "Direct Reference: " + ext.getDirectReference().getId() + nl);
}
if (ext.getIndirectReference() != null) {
buf.append(tab + "Indirect Reference: " + ext.getIndirectReference().toString() + nl);
}
if (ext.getDataValueDescriptor() != null) {
_dumpAsString(tab, verbose, ext.getDataValueDescriptor(), buf);
}
buf.append(tab + "Encoding: " + ext.getEncoding() + nl);
_dumpAsString(tab, verbose, ext.getExternalContent(), buf);
} else {
buf.append(indent + obj.toString() + nl);
}
}
Also used :
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
ASN1TaggedObject(com.github.zhenwei.core.asn1.ASN1TaggedObject)
ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString)
ASN1UTCTime(com.github.zhenwei.core.asn1.ASN1UTCTime)
ASN1GeneralizedTime(com.github.zhenwei.core.asn1.ASN1GeneralizedTime)
ASN1IA5String(com.github.zhenwei.core.asn1.ASN1IA5String)
ASN1T61String(com.github.zhenwei.core.asn1.ASN1T61String)
ASN1BitString(com.github.zhenwei.core.asn1.ASN1BitString)
ASN1UTF8String(com.github.zhenwei.core.asn1.ASN1UTF8String)
ASN1VisibleString(com.github.zhenwei.core.asn1.ASN1VisibleString)
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
ASN1NumericString(com.github.zhenwei.core.asn1.ASN1NumericString)
BEROctetString(com.github.zhenwei.core.asn1.BEROctetString)
ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString)
ASN1VideotexString(com.github.zhenwei.core.asn1.ASN1VideotexString)
DERBitString(com.github.zhenwei.core.asn1.DERBitString)
ASN1PrintableString(com.github.zhenwei.core.asn1.ASN1PrintableString)
DLBitString(com.github.zhenwei.core.asn1.DLBitString)
ASN1GraphicString(com.github.zhenwei.core.asn1.ASN1GraphicString)
DLBitString(com.github.zhenwei.core.asn1.DLBitString)
DERSet(com.github.zhenwei.core.asn1.DERSet)
ASN1BitString(com.github.zhenwei.core.asn1.ASN1BitString)
ASN1External(com.github.zhenwei.core.asn1.ASN1External)
ASN1T61String(com.github.zhenwei.core.asn1.ASN1T61String)
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
BEROctetString(com.github.zhenwei.core.asn1.BEROctetString)
ASN1Enumerated(com.github.zhenwei.core.asn1.ASN1Enumerated)
BERTaggedObject(com.github.zhenwei.core.asn1.BERTaggedObject)
ASN1ObjectDescriptor(com.github.zhenwei.core.asn1.ASN1ObjectDescriptor)
BERSet(com.github.zhenwei.core.asn1.BERSet)
ASN1NumericString(com.github.zhenwei.core.asn1.ASN1NumericString)
ASN1UTF8String(com.github.zhenwei.core.asn1.ASN1UTF8String)
ASN1GraphicString(com.github.zhenwei.core.asn1.ASN1GraphicString)
DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject)
BERSequence(com.github.zhenwei.core.asn1.BERSequence)
ASN1ApplicationSpecific(com.github.zhenwei.core.asn1.ASN1ApplicationSpecific)
DERBitString(com.github.zhenwei.core.asn1.DERBitString)
ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer)
ASN1RelativeOID(com.github.zhenwei.core.asn1.ASN1RelativeOID)
ASN1VideotexString(com.github.zhenwei.core.asn1.ASN1VideotexString)
ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
ASN1VisibleString(com.github.zhenwei.core.asn1.ASN1VisibleString)
ASN1IA5String(com.github.zhenwei.core.asn1.ASN1IA5String)
ASN1PrintableString(com.github.zhenwei.core.asn1.ASN1PrintableString)
ASN1Boolean(com.github.zhenwei.core.asn1.ASN1Boolean)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
ASN1Null(com.github.zhenwei.core.asn1.ASN1Null)
Example 48 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project LinLong-Java by zhenwei1108.
the class SignerInfoGenerator method generate.
public SignerInfo generate(ASN1ObjectIdentifier contentType) throws CMSException {
try {
/* RFC 3852 5.4
* The result of the message digest calculation process depends on
* whether the signedAttrs field is present. When the field is absent,
* the result is just the message digest of the content as described
*
* above. When the field is present, however, the result is the message
* digest of the complete DER encoding of the SignedAttrs value
* contained in the signedAttrs field.
*/
ASN1Set signedAttr = null;
AlgorithmIdentifier digestEncryptionAlgorithm = sigEncAlgFinder.findEncryptionAlgorithm(signer.getAlgorithmIdentifier());
AlgorithmIdentifier digestAlg = null;
if (sAttrGen != null) {
digestAlg = digester.getAlgorithmIdentifier();
calculatedDigest = digester.getDigest();
Map parameters = getBaseParameters(contentType, digester.getAlgorithmIdentifier(), digestEncryptionAlgorithm, calculatedDigest);
AttributeTable signed = sAttrGen.getAttributes(Collections.unmodifiableMap(parameters));
signedAttr = getAttributeSet(signed);
// sig must be composed from the DER encoding.
OutputStream sOut = signer.getOutputStream();
sOut.write(signedAttr.getEncoded(ASN1Encoding.DER));
sOut.close();
} else {
digestAlg = digestAlgorithm;
if (digester != null) {
calculatedDigest = digester.getDigest();
} else {
calculatedDigest = null;
}
}
byte[] sigBytes = signer.getSignature();
ASN1Set unsignedAttr = null;
if (unsAttrGen != null) {
Map parameters = getBaseParameters(contentType, digestAlg, digestEncryptionAlgorithm, calculatedDigest);
parameters.put(CMSAttributeTableGenerator.SIGNATURE, Arrays.clone(sigBytes));
AttributeTable unsigned = unsAttrGen.getAttributes(Collections.unmodifiableMap(parameters));
unsignedAttr = getAttributeSet(unsigned);
}
if (sAttrGen == null) {
// RFC 8419, Section 3.2 - needs to be shake-256, not shake-256-len
if (EdECObjectIdentifiers.id_Ed448.equals(digestEncryptionAlgorithm.getAlgorithm())) {
digestAlg = new AlgorithmIdentifier(NISTObjectIdentifiers.id_shake256);
}
}
return new SignerInfo(signerIdentifier, digestAlg, signedAttr, digestEncryptionAlgorithm, new DEROctetString(sigBytes), unsignedAttr);
} catch (IOException e) {
throw new CMSException("encoding error.", e);
}
}
Also used :
SignerInfo(com.github.zhenwei.pkix.util.asn1.cms.SignerInfo)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
OutputStream(java.io.OutputStream)
TeeOutputStream(com.github.zhenwei.core.util.io.TeeOutputStream)
AttributeTable(com.github.zhenwei.pkix.util.asn1.cms.AttributeTable)
IOException(java.io.IOException)
HashMap(java.util.HashMap)
Map(java.util.Map)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
Example 49 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project LinLong-Java by zhenwei1108.
the class SignerInformation method getCounterSignatures.
/**
* Return a SignerInformationStore containing the counter signatures attached to this signer. If
* no counter signatures are present an empty store is returned.
*/
public SignerInformationStore getCounterSignatures() {
// TODO There are several checks implied by the RFC3852 comments that are missing
/*
The countersignature attribute MUST be an unsigned attribute; it MUST
NOT be a signed attribute, an authenticated attribute, an
unauthenticated attribute, or an unprotected attribute.
*/
AttributeTable unsignedAttributeTable = getUnsignedAttributes();
if (unsignedAttributeTable == null) {
return new SignerInformationStore(new ArrayList(0));
}
List counterSignatures = new ArrayList();
/*
The UnsignedAttributes syntax is defined as a SET OF Attributes. The
UnsignedAttributes in a signerInfo may include multiple instances of
the countersignature attribute.
*/
ASN1EncodableVector allCSAttrs = unsignedAttributeTable.getAll(CMSAttributes.counterSignature);
for (int i = 0; i < allCSAttrs.size(); ++i) {
Attribute counterSignatureAttribute = (Attribute) allCSAttrs.get(i);
/*
A countersignature attribute can have multiple attribute values. The
syntax is defined as a SET OF AttributeValue, and there MUST be one
or more instances of AttributeValue present.
*/
ASN1Set values = counterSignatureAttribute.getAttrValues();
if (values.size() < 1) {
// TODO Throw an appropriate exception?
}
for (Enumeration en = values.getObjects(); en.hasMoreElements(); ) {
/*
Countersignature values have the same meaning as SignerInfo values
for ordinary signatures, except that:
1. The signedAttributes field MUST NOT contain a content-type
attribute; there is no content type for countersignatures.
2. The signedAttributes field MUST contain a message-digest
attribute if it contains any other attributes.
3. The input to the message-digesting process is the contents
octets of the DER encoding of the signatureValue field of the
SignerInfo value with which the attribute is associated.
*/
SignerInfo si = SignerInfo.getInstance(en.nextElement());
counterSignatures.add(new SignerInformation(si, null, new CMSProcessableByteArray(getSignature()), null));
}
}
return new SignerInformationStore(counterSignatures);
}
Also used :
SignerInfo(com.github.zhenwei.pkix.util.asn1.cms.SignerInfo)
Enumeration(java.util.Enumeration)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
Attribute(com.github.zhenwei.pkix.util.asn1.cms.Attribute)
AttributeTable(com.github.zhenwei.pkix.util.asn1.cms.AttributeTable)
ArrayList(java.util.ArrayList)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 50 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project LinLong-Java by zhenwei1108.
the class SignerInformation method replaceUnsignedAttributes.
/**
* Return a signer information object with the passed in unsigned attributes replacing the ones
* that are current associated with the object passed in.
*
* @param signerInformation the signerInfo to be used as the basis.
* @param unsignedAttributes the unsigned attributes to add.
* @return a copy of the original SignerInformationObject with the changed attributes.
*/
public static SignerInformation replaceUnsignedAttributes(SignerInformation signerInformation, AttributeTable unsignedAttributes) {
SignerInfo sInfo = signerInformation.info;
ASN1Set unsignedAttr = null;
if (unsignedAttributes != null) {
unsignedAttr = new DERSet(unsignedAttributes.toASN1EncodableVector());
}
return new SignerInformation(new SignerInfo(sInfo.getSID(), sInfo.getDigestAlgorithm(), sInfo.getAuthenticatedAttributes(), sInfo.getDigestEncryptionAlgorithm(), sInfo.getEncryptedDigest(), unsignedAttr), signerInformation.contentType, signerInformation.content, null);
}
Also used :
SignerInfo(com.github.zhenwei.pkix.util.asn1.cms.SignerInfo)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
DERSet(com.github.zhenwei.core.asn1.DERSet)
Aggregations
ASN1Set (org.bouncycastle.asn1.ASN1Set)67
ArrayList (java.util.ArrayList)51
ASN1Set (com.unboundid.asn1.ASN1Set)33
IOException (java.io.IOException)32
ASN1OctetString (com.unboundid.asn1.ASN1OctetString)30
ASN1Sequence (com.unboundid.asn1.ASN1Sequence)30
ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)26
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)22
ASN1Element (com.unboundid.asn1.ASN1Element)21
NotNull (com.unboundid.util.NotNull)21
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)19
List (java.util.List)17
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)17
DEROctetString (org.bouncycastle.asn1.DEROctetString)16
Enumeration (java.util.Enumeration)14
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)14
OutputStream (java.io.OutputStream)12
Test (org.testng.annotations.Test)12
ASN1Enumerated (com.unboundid.asn1.ASN1Enumerated)11
X509Certificate (java.security.cert.X509Certificate)11
