Example 6 with ASN1Enumerated
use of org.bouncycastle.asn1.ASN1Enumerated in project candlepin by candlepin.
the class X509CRLStreamWriter method writeToEmptyCrl.
protected void writeToEmptyCrl(OutputStream out) throws IOException {
ASN1InputStream asn1in = null;
try {
asn1in = new ASN1InputStream(crlIn);
ASN1Sequence certListSeq = (ASN1Sequence) asn1in.readObject();
CertificateList certList = CertificateList.getInstance(certListSeq);
X509CRLHolder oldCrl = new X509CRLHolder(certList);
X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(oldCrl.getIssuer(), new Date());
crlBuilder.addCRL(oldCrl);
Date now = new Date();
Date oldNextUpdate = certList.getNextUpdate().getDate();
Date oldThisUpdate = certList.getThisUpdate().getDate();
Date nextUpdate = new Date(now.getTime() + (oldNextUpdate.getTime() - oldThisUpdate.getTime()));
crlBuilder.setNextUpdate(nextUpdate);
for (Object o : oldCrl.getExtensionOIDs()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) o;
Extension ext = oldCrl.getExtension(oid);
if (oid.equals(Extension.cRLNumber)) {
ASN1OctetString octet = ext.getExtnValue();
ASN1Integer currentNumber = (ASN1Integer) new ASN1InputStream(octet.getOctets()).readObject();
ASN1Integer nextNumber = new ASN1Integer(currentNumber.getValue().add(BigInteger.ONE));
crlBuilder.addExtension(oid, ext.isCritical(), nextNumber);
} else if (oid.equals(Extension.authorityKeyIdentifier)) {
crlBuilder.addExtension(oid, ext.isCritical(), ext.getParsedValue());
}
}
for (DERSequence entry : newEntries) {
// XXX: This is all a bit messy considering the user already passed in the serial, date
// and reason.
BigInteger serial = ((ASN1Integer) entry.getObjectAt(0)).getValue();
Date revokeDate = ((Time) entry.getObjectAt(1)).getDate();
int reason = CRLReason.unspecified;
if (entry.size() == 3) {
Extensions extensions = (Extensions) entry.getObjectAt(2);
Extension reasonExt = extensions.getExtension(Extension.reasonCode);
if (reasonExt != null) {
reason = ((ASN1Enumerated) reasonExt.getParsedValue()).getValue().intValue();
}
}
crlBuilder.addCRLEntry(serial, revokeDate, reason);
}
if (signingAlg == null) {
signingAlg = oldCrl.toASN1Structure().getSignatureAlgorithm();
}
ContentSigner s;
try {
s = createContentSigner(signingAlg, key);
X509CRLHolder newCrl = crlBuilder.build(s);
out.write(newCrl.getEncoded());
} catch (OperatorCreationException e) {
throw new IOException("Could not sign CRL", e);
}
} finally {
IOUtils.closeQuietly(asn1in);
}
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
CertificateList(org.bouncycastle.asn1.x509.CertificateList)
ContentSigner(org.bouncycastle.operator.ContentSigner)
DERGeneralizedTime(org.bouncycastle.asn1.DERGeneralizedTime)
ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime)
DERUTCTime(org.bouncycastle.asn1.DERUTCTime)
Time(org.bouncycastle.asn1.x509.Time)
ASN1UTCTime(org.bouncycastle.asn1.ASN1UTCTime)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
IOException(java.io.IOException)
Extensions(org.bouncycastle.asn1.x509.Extensions)
Date(java.util.Date)
Extension(org.bouncycastle.asn1.x509.Extension)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1Enumerated(org.bouncycastle.asn1.ASN1Enumerated)
X509CRLHolder(org.bouncycastle.cert.X509CRLHolder)
BigInteger(java.math.BigInteger)
X509v2CRLBuilder(org.bouncycastle.cert.X509v2CRLBuilder)
ASN1Object(org.bouncycastle.asn1.ASN1Object)
ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject)
DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 7 with ASN1Enumerated
use of org.bouncycastle.asn1.ASN1Enumerated in project keystore-explorer by kaikramer.
the class X509Ext method getReasonCodeStringValue.
private String getReasonCodeStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* ReasonCode ::= { CRLReason }
*
* CRLReason ::= ASN1Enumerated { unspecified (0), keyCompromise (1),
* cACompromise (2), affiliationChanged (3), superseded (4),
* cessationOfOperation (5), certificateHold (6), removeFromCRL (8),
* privilegeWithdrawn (9), aACompromise (10) }
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
CRLReason crlReason = CRLReason.getInstance(value);
long crlReasonLong = crlReason.getValue().longValue();
if (crlReasonLong == CRLReason.unspecified) {
sb.append(res.getString("UnspecifiedCrlReason"));
} else if (crlReasonLong == CRLReason.keyCompromise) {
sb.append(res.getString("KeyCompromiseCrlReason"));
} else if (crlReasonLong == CRLReason.cACompromise) {
sb.append(res.getString("CaCompromiseCrlReason"));
} else if (crlReasonLong == CRLReason.affiliationChanged) {
sb.append(res.getString("AffiliationChangedCrlReason"));
} else if (crlReasonLong == CRLReason.superseded) {
sb.append(res.getString("SupersededCrlReason"));
} else if (crlReasonLong == CRLReason.cessationOfOperation) {
sb.append(res.getString("CessationOfOperationCrlReason"));
} else if (crlReasonLong == CRLReason.certificateHold) {
sb.append(res.getString("CertificateHoldCrlReason"));
} else if (crlReasonLong == CRLReason.removeFromCRL) {
sb.append(res.getString("RemoveFromCrlCrlReason"));
} else if (crlReasonLong == CRLReason.privilegeWithdrawn) {
sb.append(res.getString("PrivilegeWithdrawnCrlReason"));
} else // CRLReason.aACompromise
{
sb.append(res.getString("AaCompromiseCrlReason"));
}
sb.append(NEWLINE);
return sb.toString();
}
Also used :
CRLReason(org.bouncycastle.asn1.x509.CRLReason)
Example 8 with ASN1Enumerated
use of org.bouncycastle.asn1.ASN1Enumerated in project jruby-openssl by jruby.
the class ASN1 method decodeObject.
// ObjectId
static IRubyObject decodeObject(final ThreadContext context, final RubyModule ASN1, final org.bouncycastle.asn1.ASN1Encodable obj) throws IOException, IllegalArgumentException {
final Ruby runtime = context.runtime;
if (obj instanceof ASN1Integer) {
final BN val = BN.newBN(runtime, ((ASN1Integer) obj).getValue());
return ASN1.getClass("Integer").callMethod(context, "new", val);
}
if (obj instanceof DERInteger) {
final BN val = BN.newBN(runtime, ((DERInteger) obj).getValue());
return ASN1.getClass("Integer").callMethod(context, "new", val);
}
if (obj instanceof DERBitString) {
final DERBitString derObj = (DERBitString) obj;
RubyString str = runtime.newString(new ByteList(derObj.getBytes(), false));
IRubyObject bitString = ASN1.getClass("BitString").callMethod(context, "new", str);
bitString.callMethod(context, "unused_bits=", runtime.newFixnum(derObj.getPadBits()));
return bitString;
}
if (obj instanceof ASN1String) {
final Integer typeId = typeId(obj.getClass());
String type = typeId == null ? null : (String) (ASN1_INFO[typeId][2]);
final ByteList bytes;
if (obj instanceof DERUTF8String) {
if (type == null)
type = "UTF8String";
bytes = new ByteList(((DERUTF8String) obj).getString().getBytes("UTF-8"), false);
} else {
if (type == null) {
if (obj instanceof DERNumericString) {
type = "NumericString";
} else if (obj instanceof DERPrintableString) {
type = "PrintableString";
} else if (obj instanceof DERIA5String) {
type = "IA5String";
} else if (obj instanceof DERT61String) {
type = "T61String";
} else if (obj instanceof DERGeneralString) {
type = "GeneralString";
} else if (obj instanceof DERUniversalString) {
type = "UniversalString";
} else if (obj instanceof DERBMPString) {
type = "BMPString";
} else {
// NOTE "VideotexString", "GraphicString", "ISO64String" not-handled in BC !
throw new IllegalArgumentException("could not handle ASN1 string type: " + obj + " (" + obj.getClass().getName() + ")");
}
}
bytes = ByteList.create(((ASN1String) obj).getString());
}
return ASN1.getClass(type).callMethod(context, "new", runtime.newString(bytes));
}
if (obj instanceof ASN1OctetString) {
final ByteList octets = new ByteList(((ASN1OctetString) obj).getOctets(), false);
// final ByteList octets = new ByteList(((ASN1OctetString) obj).getEncoded(ASN1Encoding.DER), false);
return ASN1.getClass("OctetString").callMethod(context, "new", runtime.newString(octets));
}
if (obj instanceof ASN1Null) {
return ASN1.getClass("Null").callMethod(context, "new", runtime.getNil());
}
if (obj instanceof ASN1Boolean) {
final boolean val = ((ASN1Boolean) obj).isTrue();
return ASN1.getClass("Boolean").callMethod(context, "new", runtime.newBoolean(val));
}
// DERBoolean extends ASN1Boolean only since 1.51 (<= 1.50 the other way around)
if (obj instanceof DERBoolean) {
final boolean val = ((DERBoolean) obj).isTrue();
return ASN1.getClass("Boolean").callMethod(context, "new", runtime.newBoolean(val));
}
if (obj instanceof ASN1UTCTime) {
final Date adjustedTime;
try {
adjustedTime = ((ASN1UTCTime) obj).getAdjustedDate();
} catch (ParseException e) {
throw new IOException(e);
}
final RubyTime time = RubyTime.newTime(runtime, adjustedTime.getTime());
return ASN1.getClass("UTCTime").callMethod(context, "new", time);
}
// NOTE: keep for BC versions compatibility ... extends ASN1UTCTime (since BC 1.51)
if (obj instanceof DERUTCTime) {
final Date adjustedTime;
try {
adjustedTime = ((DERUTCTime) obj).getAdjustedDate();
} catch (ParseException e) {
throw new IOException(e);
}
final RubyTime time = RubyTime.newTime(runtime, adjustedTime.getTime());
return ASN1.getClass("UTCTime").callMethod(context, "new", time);
}
if (obj instanceof ASN1GeneralizedTime) {
final Date generalTime;
try {
generalTime = ((ASN1GeneralizedTime) obj).getDate();
} catch (ParseException e) {
throw new IOException(e);
}
final RubyTime time = RubyTime.newTime(runtime, generalTime.getTime());
return ASN1.getClass("GeneralizedTime").callMethod(context, "new", time);
}
// NOTE: keep for BC versions compatibility ... extends ASN1GeneralizedTime (since BC 1.51)
if (obj instanceof DERGeneralizedTime) {
final Date generalTime;
try {
generalTime = ((DERGeneralizedTime) obj).getDate();
} catch (ParseException e) {
throw new IOException(e);
}
final RubyTime time = RubyTime.newTime(runtime, generalTime.getTime());
return ASN1.getClass("GeneralizedTime").callMethod(context, "new", time);
}
if (obj instanceof ASN1ObjectIdentifier) {
final String objId = ((ASN1ObjectIdentifier) obj).getId();
return ASN1.getClass("ObjectId").callMethod(context, "new", runtime.newString(objId));
}
// DERObjectIdentifier extends ASN1ObjectIdentifier = 1.51
if (obj instanceof DERObjectIdentifier) {
final String objId = ((DERObjectIdentifier) obj).getId();
return ASN1.getClass("ObjectId").callMethod(context, "new", runtime.newString(objId));
}
if (obj instanceof ASN1TaggedObject) {
final ASN1TaggedObject taggedObj = (ASN1TaggedObject) obj;
IRubyObject val = decodeObject(context, ASN1, taggedObj.getObject());
IRubyObject tag = runtime.newFixnum(taggedObj.getTagNo());
IRubyObject tag_class = runtime.newSymbol("CONTEXT_SPECIFIC");
final RubyArray valArr = runtime.newArray(val);
return ASN1.getClass("ASN1Data").callMethod(context, "new", new IRubyObject[] { valArr, tag, tag_class });
}
if (obj instanceof DERApplicationSpecific) {
final DERApplicationSpecific appSpecific = (DERApplicationSpecific) obj;
IRubyObject tag = runtime.newFixnum(appSpecific.getApplicationTag());
IRubyObject tag_class = runtime.newSymbol("APPLICATION");
final ASN1Sequence sequence = (ASN1Sequence) appSpecific.getObject(SEQUENCE);
@SuppressWarnings("unchecked") final RubyArray valArr = decodeObjects(context, ASN1, sequence.getObjects());
return ASN1.getClass("ASN1Data").callMethod(context, "new", new IRubyObject[] { valArr, tag, tag_class });
}
if (obj instanceof ASN1Sequence) {
@SuppressWarnings("unchecked") RubyArray arr = decodeObjects(context, ASN1, ((ASN1Sequence) obj).getObjects());
return ASN1.getClass("Sequence").callMethod(context, "new", arr);
}
if (obj instanceof ASN1Set) {
@SuppressWarnings("unchecked") RubyArray arr = decodeObjects(context, ASN1, ((ASN1Set) obj).getObjects());
return ASN1.getClass("Set").callMethod(context, "new", arr);
}
if (obj instanceof ASN1Enumerated) {
final RubyInteger value = RubyBignum.bignorm(runtime, ((ASN1Enumerated) obj).getValue());
return ASN1.getClass("Enumerated").callMethod(context, "new", value);
}
throw new IllegalArgumentException("unable to decode object: " + obj + " (" + (obj == null ? "" : obj.getClass().getName()) + ")");
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
RubyTime(org.jruby.RubyTime)
RubyArray(org.jruby.RubyArray)
DERApplicationSpecific(org.bouncycastle.asn1.DERApplicationSpecific)
RubyInteger(org.jruby.RubyInteger)
ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject)
ASN1UTCTime(org.bouncycastle.asn1.ASN1UTCTime)
ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime)
DERBitString(org.bouncycastle.asn1.DERBitString)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
DERGeneralString(org.bouncycastle.asn1.DERGeneralString)
RubyString(org.jruby.RubyString)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
DERNumericString(org.bouncycastle.asn1.DERNumericString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
BEROctetString(org.bouncycastle.asn1.BEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
DERT61String(org.bouncycastle.asn1.DERT61String)
DERVisibleString(org.bouncycastle.asn1.DERVisibleString)
ASN1String(org.bouncycastle.asn1.ASN1String)
DERUniversalString(org.bouncycastle.asn1.DERUniversalString)
IRubyObject(org.jruby.runtime.builtin.IRubyObject)
DERInteger(org.bouncycastle.asn1.DERInteger)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERGeneralizedTime(org.bouncycastle.asn1.DERGeneralizedTime)
DERUTCTime(org.bouncycastle.asn1.DERUTCTime)
ASN1Enumerated(org.bouncycastle.asn1.ASN1Enumerated)
DERGeneralString(org.bouncycastle.asn1.DERGeneralString)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
Ruby(org.jruby.Ruby)
DERBoolean(org.bouncycastle.asn1.DERBoolean)
ByteList(org.jruby.util.ByteList)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
RubyString(org.jruby.RubyString)
DERUniversalString(org.bouncycastle.asn1.DERUniversalString)
DERBitString(org.bouncycastle.asn1.DERBitString)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
IOException(java.io.IOException)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
Date(java.util.Date)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
BigInteger(java.math.BigInteger)
RubyInteger(org.jruby.RubyInteger)
DERInteger(org.bouncycastle.asn1.DERInteger)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
ASN1Set(org.bouncycastle.asn1.ASN1Set)
DERNumericString(org.bouncycastle.asn1.DERNumericString)
DERT61String(org.bouncycastle.asn1.DERT61String)
ASN1String(org.bouncycastle.asn1.ASN1String)
ASN1Boolean(org.bouncycastle.asn1.ASN1Boolean)
ParseException(java.text.ParseException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
ASN1Null(org.bouncycastle.asn1.ASN1Null)
Aggregations
ASN1Enumerated (org.bouncycastle.asn1.ASN1Enumerated)7
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)6
DEROctetString (org.bouncycastle.asn1.DEROctetString)5
IOException (java.io.IOException)4
Date (java.util.Date)4
ASN1GeneralizedTime (org.bouncycastle.asn1.ASN1GeneralizedTime)4
Extension (org.bouncycastle.asn1.x509.Extension)4
Extensions (org.bouncycastle.asn1.x509.Extensions)4
ASN1UTCTime (org.bouncycastle.asn1.ASN1UTCTime)3
DERGeneralizedTime (org.bouncycastle.asn1.DERGeneralizedTime)3
DERUTCTime (org.bouncycastle.asn1.DERUTCTime)3
PKIBody (org.bouncycastle.asn1.cmp.PKIBody)3
PKIMessage (org.bouncycastle.asn1.cmp.PKIMessage)3
RevDetails (org.bouncycastle.asn1.cmp.RevDetails)3
RevReqContent (org.bouncycastle.asn1.cmp.RevReqContent)3
CertTemplateBuilder (org.bouncycastle.asn1.crmf.CertTemplateBuilder)3
BigInteger (java.math.BigInteger)2
ArrayList (java.util.ArrayList)2
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)2
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)2
