Example 76 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project xipki by xipki.
the class CaUtil method getChallengePassword.
public static String getChallengePassword(CertificationRequestInfo csr) {
ParamUtil.requireNonNull("csr", csr);
ASN1Set attrs = csr.getAttributes();
for (int i = 0; i < attrs.size(); i++) {
Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
if (PKCSObjectIdentifiers.pkcs_9_at_challengePassword.equals(attr.getAttrType())) {
ASN1String str = (ASN1String) attr.getAttributeValues()[0];
return str.getString();
}
}
return null;
}
Also used :
ASN1Set(org.bouncycastle.asn1.ASN1Set)
Attribute(org.bouncycastle.asn1.pkcs.Attribute)
ASN1String(org.bouncycastle.asn1.ASN1String)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
Example 77 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project keystore-explorer by kaikramer.
the class Asn1Dump method dumpSetOrSequence.
private String dumpSetOrSequence(ASN1Encodable asn1ConstructedType) throws Asn1Exception, IOException {
StringBuilder sb = new StringBuilder();
sb.append(indentSequence.toString(indentLevel));
Enumeration<?> components;
// Sequence or Set?
if (asn1ConstructedType instanceof ASN1Sequence) {
sb.append("SEQUENCE");
ASN1Sequence sequence = (ASN1Sequence) asn1ConstructedType;
components = sequence.getObjects();
} else {
// == SET
sb.append("SET");
ASN1Set set = (ASN1Set) asn1ConstructedType;
components = set.getObjects();
}
sb.append(NEWLINE);
sb.append(indentSequence.toString(indentLevel));
sb.append("{");
sb.append(NEWLINE);
while (components.hasMoreElements()) {
ASN1Primitive component = (ASN1Primitive) components.nextElement();
sb.append(dump(component));
}
sb.append(indentSequence.toString(indentLevel));
sb.append("}");
sb.append(NEWLINE);
return sb.toString();
}
Also used :
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
ASN1Set(org.bouncycastle.asn1.ASN1Set)
ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
Example 78 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project keystore-explorer by kaikramer.
the class X509Ext method getVeriSignNonVerified.
private static String getVeriSignNonVerified(byte[] octets) throws IOException {
/*
NonVerified ::= SET OF ATTRIBUTE
*/
StringBuilder sb = new StringBuilder();
ASN1Set asn1Set = ASN1Set.getInstance(octets);
for (ASN1Encodable attribute : asn1Set.toArray()) {
ASN1ObjectIdentifier attributeId = ((Attribute) attribute).getAttrType();
ASN1Set attributeValues = ((Attribute) attribute).getAttrValues();
for (ASN1Encodable attributeValue : attributeValues.toArray()) {
String attributeValueStr = getAttributeValueString(attributeId, attributeValue);
sb.append(MessageFormat.format("{0}={1}", attributeId.getId(), attributeValueStr));
sb.append(NEWLINE);
}
}
return sb.toString();
}
Also used :
ASN1Set(org.bouncycastle.asn1.ASN1Set)
Attribute(org.bouncycastle.asn1.x509.Attribute)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
DERBitString(org.bouncycastle.asn1.DERBitString)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERGeneralString(org.bouncycastle.asn1.DERGeneralString)
ASN1IA5String(org.bouncycastle.asn1.ASN1IA5String)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
ASN1BitString(org.bouncycastle.asn1.ASN1BitString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
ASN1BMPString(org.bouncycastle.asn1.ASN1BMPString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
ASN1PrintableString(org.bouncycastle.asn1.ASN1PrintableString)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 79 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project xipki by xipki.
the class Ca2Manager method generateCertificate.
// method generateRootCa
X509Cert generateCertificate(String caName, String profileName, byte[] encodedCsr, Date notBefore, Date notAfter) throws CaMgmtException {
caName = toNonBlankLower(caName, "caName");
profileName = toNonBlankLower(profileName, "profileName");
notNull(encodedCsr, "encodedCsr");
AuditEvent event = new AuditEvent(new Date());
event.setApplicationName(APPNAME);
event.setName(NAME_perf);
event.addEventType("CAMGMT_CRL_GEN_ONDEMAND");
X509Ca ca = getX509Ca(caName);
CertificationRequest csr;
try {
csr = X509Util.parseCsr(encodedCsr);
} catch (Exception ex) {
throw new CaMgmtException(concat("invalid CSR request. ERROR: ", ex.getMessage()));
}
if (!ca.verifyCsr(csr)) {
throw new CaMgmtException("could not validate POP for the CSR");
}
CertificationRequestInfo certTemp = csr.getCertificationRequestInfo();
Extensions extensions = null;
ASN1Set attrs = certTemp.getAttributes();
for (int i = 0; i < attrs.size(); i++) {
Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
if (PKCSObjectIdentifiers.pkcs_9_at_extensionRequest.equals(attr.getAttrType())) {
extensions = Extensions.getInstance(attr.getAttributeValues()[0]);
}
}
X500Name subject = certTemp.getSubject();
SubjectPublicKeyInfo publicKeyInfo = certTemp.getSubjectPublicKeyInfo();
CertTemplateData certTemplateData = new CertTemplateData(subject, publicKeyInfo, notBefore, notAfter, extensions, profileName);
CertificateInfo certInfo;
try {
certInfo = ca.generateCert(certTemplateData, manager.byCaRequestor, RequestType.CA, null, MSGID_ca_mgmt);
} catch (OperationException ex) {
throw new CaMgmtException(ex.getMessage(), ex);
}
if (ca.getCaInfo().isSaveRequest()) {
try {
long dbId = ca.addRequest(encodedCsr);
ca.addRequestCert(dbId, certInfo.getCert().getCertId());
} catch (OperationException ex) {
LogUtil.warn(LOG, ex, "could not save request");
}
}
return certInfo.getCert().getCert();
}
Also used :
CertificationRequestInfo(org.bouncycastle.asn1.pkcs.CertificationRequestInfo)
Attribute(org.bouncycastle.asn1.pkcs.Attribute)
X500Name(org.bouncycastle.asn1.x500.X500Name)
Extensions(org.bouncycastle.asn1.x509.Extensions)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
DataAccessException(org.xipki.datasource.DataAccessException)
CertificateException(java.security.cert.CertificateException)
OperationException(org.xipki.ca.api.OperationException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ASN1Set(org.bouncycastle.asn1.ASN1Set)
CertificateInfo(org.xipki.ca.api.CertificateInfo)
AuditEvent(org.xipki.audit.AuditEvent)
CertificationRequest(org.bouncycastle.asn1.pkcs.CertificationRequest)
OperationException(org.xipki.ca.api.OperationException)
Example 80 with ASN1Set
use of com.unboundid.asn1.ASN1Set in project jmulticard by ctt-gob-es.
the class SignerInfoGenerator method generate.
public SignerInfo generate(ASN1ObjectIdentifier contentType) throws CMSException {
try {
/* RFC 3852 5.4
* The result of the message digest calculation process depends on
* whether the signedAttrs field is present. When the field is absent,
* the result is just the message digest of the content as described
*
* above. When the field is present, however, the result is the message
* digest of the complete DER encoding of the SignedAttrs value
* contained in the signedAttrs field.
*/
ASN1Set signedAttr = null;
AlgorithmIdentifier digestEncryptionAlgorithm = sigEncAlgFinder.findEncryptionAlgorithm(signer.getAlgorithmIdentifier());
AlgorithmIdentifier digestAlg = null;
if (sAttrGen != null) {
digestAlg = digester.getAlgorithmIdentifier();
calculatedDigest = digester.getDigest();
Map parameters = getBaseParameters(contentType, digester.getAlgorithmIdentifier(), digestEncryptionAlgorithm, calculatedDigest);
AttributeTable signed = sAttrGen.getAttributes(Collections.unmodifiableMap(parameters));
signedAttr = getAttributeSet(signed);
// sig must be composed from the DER encoding.
OutputStream sOut = signer.getOutputStream();
sOut.write(signedAttr.getEncoded(ASN1Encoding.DER));
sOut.close();
} else {
digestAlg = digestAlgorithm;
if (digester != null) {
calculatedDigest = digester.getDigest();
} else {
calculatedDigest = null;
}
}
byte[] sigBytes = signer.getSignature();
ASN1Set unsignedAttr = null;
if (unsAttrGen != null) {
Map parameters = getBaseParameters(contentType, digestAlg, digestEncryptionAlgorithm, calculatedDigest);
parameters.put(CMSAttributeTableGenerator.SIGNATURE, Arrays.clone(sigBytes));
AttributeTable unsigned = unsAttrGen.getAttributes(Collections.unmodifiableMap(parameters));
unsignedAttr = getAttributeSet(unsigned);
}
if (sAttrGen == null) {
// RFC 8419, Section 3.2 - needs to be shake-256, not shake-256-len
if (EdECObjectIdentifiers.id_Ed448.equals(digestEncryptionAlgorithm.getAlgorithm())) {
digestAlg = new AlgorithmIdentifier(NISTObjectIdentifiers.id_shake256);
}
}
return new SignerInfo(signerIdentifier, digestAlg, signedAttr, digestEncryptionAlgorithm, new DEROctetString(sigBytes), unsignedAttr);
} catch (IOException e) {
throw new CMSException("encoding error.", e);
}
}
Also used :
SignerInfo(org.bouncycastle.asn1.cms.SignerInfo)
ASN1Set(org.bouncycastle.asn1.ASN1Set)
OutputStream(java.io.OutputStream)
TeeOutputStream(org.bouncycastle.util.io.TeeOutputStream)
AttributeTable(org.bouncycastle.asn1.cms.AttributeTable)
IOException(java.io.IOException)
HashMap(java.util.HashMap)
Map(java.util.Map)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Aggregations
ASN1Set (org.bouncycastle.asn1.ASN1Set)67
ArrayList (java.util.ArrayList)51
ASN1Set (com.unboundid.asn1.ASN1Set)33
IOException (java.io.IOException)32
ASN1OctetString (com.unboundid.asn1.ASN1OctetString)30
ASN1Sequence (com.unboundid.asn1.ASN1Sequence)30
ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)26
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)22
ASN1Element (com.unboundid.asn1.ASN1Element)21
NotNull (com.unboundid.util.NotNull)21
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)19
List (java.util.List)17
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)17
DEROctetString (org.bouncycastle.asn1.DEROctetString)16
Enumeration (java.util.Enumeration)14
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)14
OutputStream (java.io.OutputStream)12
Test (org.testng.annotations.Test)12
ASN1Enumerated (com.unboundid.asn1.ASN1Enumerated)11
X509Certificate (java.security.cert.X509Certificate)11
