Examples with ASN1Sequence org.apache.harmony.security.asn1.ASN1Sequence used on opensource projects
Example 41 with ASN1Sequence
use of org.apache.harmony.security.asn1.ASN1Sequence in project XobotOS by xamarin.
the class RFC3280CertPathUtilities method prepareNextCertI1.
protected static int prepareNextCertI1(CertPath certPath, int index, int explicitPolicy) throws CertPathValidatorException {
List certs = certPath.getCertificates();
X509Certificate cert = (X509Certificate) certs.get(index);
//
// (i)
//
ASN1Sequence pc = null;
try {
pc = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.POLICY_CONSTRAINTS));
} catch (Exception e) {
throw new ExtCertPathValidatorException("Policy constraints extension cannot be decoded.", e, certPath, index);
}
int tmpInt;
if (pc != null) {
Enumeration policyConstraints = pc.getObjects();
while (policyConstraints.hasMoreElements()) {
try {
ASN1TaggedObject constraint = ASN1TaggedObject.getInstance(policyConstraints.nextElement());
if (constraint.getTagNo() == 0) {
tmpInt = DERInteger.getInstance(constraint, false).getValue().intValue();
if (tmpInt < explicitPolicy) {
return tmpInt;
}
break;
}
} catch (IllegalArgumentException e) {
throw new ExtCertPathValidatorException("Policy constraints extension contents cannot be decoded.", e, certPath, index);
}
}
}
return explicitPolicy;
}
Also used :
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
Enumeration(java.util.Enumeration)
ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject)
List(java.util.List)
ArrayList(java.util.ArrayList)
X509Certificate(java.security.cert.X509Certificate)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
GeneralSecurityException(java.security.GeneralSecurityException)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
IOException(java.io.IOException)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
Example 42 with ASN1Sequence
use of org.apache.harmony.security.asn1.ASN1Sequence in project XobotOS by xamarin.
the class JCEECPrivateKey method populateFromPrivKeyInfo.
private void populateFromPrivKeyInfo(PrivateKeyInfo info) {
X962Parameters params = new X962Parameters((DERObject) info.getAlgorithmId().getParameters());
if (params.isNamedCurve()) {
DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters();
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
// BEGIN android-removed
// if (ecP == null) // GOST Curve
// {
// ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
// EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
//
// ecSpec = new ECNamedCurveSpec(
// ECGOST3410NamedCurves.getName(oid),
// ellipticCurve,
// new ECPoint(
// gParam.getG().getX().toBigInteger(),
// gParam.getG().getY().toBigInteger()),
// gParam.getN(),
// gParam.getH());
// }
// else
// END android-removed
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH());
}
} else if (params.isImplicitlyCA()) {
ecSpec = null;
} else {
X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters());
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
this.ecSpec = new ECParameterSpec(ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH().intValue());
}
if (info.getPrivateKey() instanceof DERInteger) {
DERInteger derD = (DERInteger) info.getPrivateKey();
this.d = derD.getValue();
} else {
ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) info.getPrivateKey());
this.d = ec.getKey();
this.publicKey = ec.getPublicKey();
}
}
Also used :
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
EllipticCurve(java.security.spec.EllipticCurve)
ECParameterSpec(java.security.spec.ECParameterSpec)
ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure)
ECPoint(java.security.spec.ECPoint)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)
DERInteger(org.bouncycastle.asn1.DERInteger)
Example 43 with ASN1Sequence
use of org.apache.harmony.security.asn1.ASN1Sequence in project XobotOS by xamarin.
the class RFC3280CertPathUtilities method prepareCertB.
protected static PKIXPolicyNode prepareCertB(CertPath certPath, int index, List[] policyNodes, PKIXPolicyNode validPolicyTree, int policyMapping) throws CertPathValidatorException {
List certs = certPath.getCertificates();
X509Certificate cert = (X509Certificate) certs.get(index);
int n = certs.size();
// i as defined in the algorithm description
int i = n - index;
// (b)
//
ASN1Sequence pm = null;
try {
pm = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.POLICY_MAPPINGS));
} catch (AnnotatedException ex) {
throw new ExtCertPathValidatorException("Policy mappings extension could not be decoded.", ex, certPath, index);
}
PKIXPolicyNode _validPolicyTree = validPolicyTree;
if (pm != null) {
ASN1Sequence mappings = (ASN1Sequence) pm;
Map m_idp = new HashMap();
Set s_idp = new HashSet();
for (int j = 0; j < mappings.size(); j++) {
ASN1Sequence mapping = (ASN1Sequence) mappings.getObjectAt(j);
String id_p = ((DERObjectIdentifier) mapping.getObjectAt(0)).getId();
String sd_p = ((DERObjectIdentifier) mapping.getObjectAt(1)).getId();
Set tmp;
if (!m_idp.containsKey(id_p)) {
tmp = new HashSet();
tmp.add(sd_p);
m_idp.put(id_p, tmp);
s_idp.add(id_p);
} else {
tmp = (Set) m_idp.get(id_p);
tmp.add(sd_p);
}
}
Iterator it_idp = s_idp.iterator();
while (it_idp.hasNext()) {
String id_p = (String) it_idp.next();
//
if (policyMapping > 0) {
boolean idp_found = false;
Iterator nodes_i = policyNodes[i].iterator();
while (nodes_i.hasNext()) {
PKIXPolicyNode node = (PKIXPolicyNode) nodes_i.next();
if (node.getValidPolicy().equals(id_p)) {
idp_found = true;
node.expectedPolicies = (Set) m_idp.get(id_p);
break;
}
}
if (!idp_found) {
nodes_i = policyNodes[i].iterator();
while (nodes_i.hasNext()) {
PKIXPolicyNode node = (PKIXPolicyNode) nodes_i.next();
if (RFC3280CertPathUtilities.ANY_POLICY.equals(node.getValidPolicy())) {
Set pq = null;
ASN1Sequence policies = null;
try {
policies = (ASN1Sequence) CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
} catch (AnnotatedException e) {
throw new ExtCertPathValidatorException("Certificate policies extension could not be decoded.", e, certPath, index);
}
Enumeration e = policies.getObjects();
while (e.hasMoreElements()) {
PolicyInformation pinfo = null;
try {
pinfo = PolicyInformation.getInstance(e.nextElement());
} catch (Exception ex) {
throw new CertPathValidatorException("Policy information could not be decoded.", ex, certPath, index);
}
if (RFC3280CertPathUtilities.ANY_POLICY.equals(pinfo.getPolicyIdentifier().getId())) {
try {
pq = CertPathValidatorUtilities.getQualifierSet(pinfo.getPolicyQualifiers());
} catch (CertPathValidatorException ex) {
throw new ExtCertPathValidatorException("Policy qualifier info set could not be decoded.", ex, certPath, index);
}
break;
}
}
boolean ci = false;
if (cert.getCriticalExtensionOIDs() != null) {
ci = cert.getCriticalExtensionOIDs().contains(RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
}
PKIXPolicyNode p_node = (PKIXPolicyNode) node.getParent();
if (RFC3280CertPathUtilities.ANY_POLICY.equals(p_node.getValidPolicy())) {
PKIXPolicyNode c_node = new PKIXPolicyNode(new ArrayList(), i, (Set) m_idp.get(id_p), p_node, pq, id_p, ci);
p_node.addChild(c_node);
policyNodes[i].add(c_node);
}
break;
}
}
}
//
// (2)
//
} else if (policyMapping <= 0) {
Iterator nodes_i = policyNodes[i].iterator();
while (nodes_i.hasNext()) {
PKIXPolicyNode node = (PKIXPolicyNode) nodes_i.next();
if (node.getValidPolicy().equals(id_p)) {
PKIXPolicyNode p_node = (PKIXPolicyNode) node.getParent();
p_node.removeChild(node);
nodes_i.remove();
for (int k = (i - 1); k >= 0; k--) {
List nodes = policyNodes[k];
for (int l = 0; l < nodes.size(); l++) {
PKIXPolicyNode node2 = (PKIXPolicyNode) nodes.get(l);
if (!node2.hasChildren()) {
_validPolicyTree = CertPathValidatorUtilities.removePolicyNode(_validPolicyTree, policyNodes, node2);
if (_validPolicyTree == null) {
break;
}
}
}
}
}
}
}
}
}
return _validPolicyTree;
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
Enumeration(java.util.Enumeration)
HashMap(java.util.HashMap)
PolicyInformation(org.bouncycastle.asn1.x509.PolicyInformation)
ArrayList(java.util.ArrayList)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
X509Certificate(java.security.cert.X509Certificate)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
GeneralSecurityException(java.security.GeneralSecurityException)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
IOException(java.io.IOException)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
Iterator(java.util.Iterator)
List(java.util.List)
ArrayList(java.util.ArrayList)
Map(java.util.Map)
HashMap(java.util.HashMap)
HashSet(java.util.HashSet)
Example 44 with ASN1Sequence
use of org.apache.harmony.security.asn1.ASN1Sequence in project XobotOS by xamarin.
the class RFC3280CertPathUtilities method prepareNextCertG.
protected static void prepareNextCertG(CertPath certPath, int index, PKIXNameConstraintValidator nameConstraintValidator) throws CertPathValidatorException {
List certs = certPath.getCertificates();
X509Certificate cert = (X509Certificate) certs.get(index);
//
// (g) handle the name constraints extension
//
NameConstraints nc = null;
try {
ASN1Sequence ncSeq = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.NAME_CONSTRAINTS));
if (ncSeq != null) {
nc = new NameConstraints(ncSeq);
}
} catch (Exception e) {
throw new ExtCertPathValidatorException("Name constraints extension could not be decoded.", e, certPath, index);
}
if (nc != null) {
//
// (g) (1) permitted subtrees
//
ASN1Sequence permitted = nc.getPermittedSubtrees();
if (permitted != null) {
try {
nameConstraintValidator.intersectPermittedSubtree(permitted);
} catch (Exception ex) {
throw new ExtCertPathValidatorException("Permitted subtrees cannot be build from name constraints extension.", ex, certPath, index);
}
}
//
// (g) (2) excluded subtrees
//
ASN1Sequence excluded = nc.getExcludedSubtrees();
if (excluded != null) {
Enumeration e = excluded.getObjects();
try {
while (e.hasMoreElements()) {
GeneralSubtree subtree = GeneralSubtree.getInstance(e.nextElement());
nameConstraintValidator.addExcludedSubtree(subtree);
}
} catch (Exception ex) {
throw new ExtCertPathValidatorException("Excluded subtrees cannot be build from name constraints extension.", ex, certPath, index);
}
}
}
}
Also used :
NameConstraints(org.bouncycastle.asn1.x509.NameConstraints)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
Enumeration(java.util.Enumeration)
List(java.util.List)
ArrayList(java.util.ArrayList)
GeneralSubtree(org.bouncycastle.asn1.x509.GeneralSubtree)
X509Certificate(java.security.cert.X509Certificate)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
GeneralSecurityException(java.security.GeneralSecurityException)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
IOException(java.io.IOException)
Example 45 with ASN1Sequence
use of org.apache.harmony.security.asn1.ASN1Sequence in project XobotOS by xamarin.
the class X509CRLObject method toString.
/**
* Returns a string representation of this CRL.
*
* @return a string representation of this CRL.
*/
public String toString() {
StringBuffer buf = new StringBuffer();
String nl = System.getProperty("line.separator");
buf.append(" Version: ").append(this.getVersion()).append(nl);
buf.append(" IssuerDN: ").append(this.getIssuerDN()).append(nl);
buf.append(" This update: ").append(this.getThisUpdate()).append(nl);
buf.append(" Next update: ").append(this.getNextUpdate()).append(nl);
buf.append(" Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
byte[] sig = this.getSignature();
buf.append(" Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl);
for (int i = 20; i < sig.length; i += 20) {
if (i < sig.length - 20) {
buf.append(" ").append(new String(Hex.encode(sig, i, 20))).append(nl);
} else {
buf.append(" ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl);
}
}
X509Extensions extensions = c.getTBSCertList().getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
if (e.hasMoreElements()) {
buf.append(" Extensions: ").append(nl);
}
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
X509Extension ext = extensions.getExtension(oid);
if (ext.getValue() != null) {
byte[] octs = ext.getValue().getOctets();
ASN1InputStream dIn = new ASN1InputStream(octs);
buf.append(" critical(").append(ext.isCritical()).append(") ");
try {
if (oid.equals(X509Extensions.CRLNumber)) {
buf.append(new CRLNumber(DERInteger.getInstance(dIn.readObject()).getPositiveValue())).append(nl);
} else if (oid.equals(X509Extensions.DeltaCRLIndicator)) {
buf.append("Base CRL: " + new CRLNumber(DERInteger.getInstance(dIn.readObject()).getPositiveValue())).append(nl);
} else if (oid.equals(X509Extensions.IssuingDistributionPoint)) {
buf.append(new IssuingDistributionPoint((ASN1Sequence) dIn.readObject())).append(nl);
} else if (oid.equals(X509Extensions.CRLDistributionPoints)) {
buf.append(new CRLDistPoint((ASN1Sequence) dIn.readObject())).append(nl);
} else if (oid.equals(X509Extensions.FreshestCRL)) {
buf.append(new CRLDistPoint((ASN1Sequence) dIn.readObject())).append(nl);
} else {
buf.append(oid.getId());
buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
}
} catch (Exception ex) {
buf.append(oid.getId());
buf.append(" value = ").append("*****").append(nl);
}
} else {
buf.append(nl);
}
}
}
Set set = getRevokedCertificates();
if (set != null) {
Iterator it = set.iterator();
while (it.hasNext()) {
buf.append(it.next());
buf.append(nl);
}
}
return buf.toString();
}
Also used :
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
Enumeration(java.util.Enumeration)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
HashSet(java.util.HashSet)
Set(java.util.Set)
X509Extension(org.bouncycastle.asn1.x509.X509Extension)
CRLNumber(org.bouncycastle.asn1.x509.CRLNumber)
X509Extensions(org.bouncycastle.asn1.x509.X509Extensions)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
SignatureException(java.security.SignatureException)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CRLException(java.security.cert.CRLException)
NoSuchProviderException(java.security.NoSuchProviderException)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
Iterator(java.util.Iterator)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
Aggregations
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)57
IOException (java.io.IOException)31
ArrayList (java.util.ArrayList)29
List (java.util.List)26
Enumeration (java.util.Enumeration)23
X509Certificate (java.security.cert.X509Certificate)22
ExtCertPathValidatorException (org.bouncycastle.jce.exception.ExtCertPathValidatorException)20
CertPathValidatorException (java.security.cert.CertPathValidatorException)18
CertificateExpiredException (java.security.cert.CertificateExpiredException)17
CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)17
GeneralSecurityException (java.security.GeneralSecurityException)16
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)16
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)16
IssuingDistributionPoint (org.bouncycastle.asn1.x509.IssuingDistributionPoint)16
DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)15
CertPathBuilderException (java.security.cert.CertPathBuilderException)14
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)13
Iterator (java.util.Iterator)10
HashSet (java.util.HashSet)9
Set (java.util.Set)9
