use of org.bouncycastle.asn1.ASN1InputStream in project android_packages_apps_Settings by crdroidandroid.
the class CertInstallerHelper method isCa.
private boolean isCa(X509Certificate cert) {
try {
byte[] asn1EncodedBytes = cert.getExtensionValue("2.5.29.19");
if (asn1EncodedBytes == null) {
return false;
}
DEROctetString derOctetString = (DEROctetString) new ASN1InputStream(asn1EncodedBytes).readObject();
byte[] octets = derOctetString.getOctets();
ASN1Sequence sequence = (ASN1Sequence) new ASN1InputStream(octets).readObject();
return BasicConstraints.getInstance(sequence).isCA();
} catch (IOException e) {
return false;
}
}
use of org.bouncycastle.asn1.ASN1InputStream in project keystore-explorer by kaikramer.
the class DKeyUsage method prepopulateWithValue.
private void prepopulateWithValue(byte[] value) throws IOException {
// we have a ByteArrayInputStream here which does not need to be closed
@SuppressWarnings("resource") DERBitString keyUsage = DERBitString.getInstance(new ASN1InputStream(value).readObject());
int keyUsageValue = keyUsage.intValue();
jcbDigitalSignature.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.digitalSignature));
jcbNonRepudiation.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.nonRepudiation));
jcbKeyEncipherment.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.keyEncipherment));
jcbDataEncipherment.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.dataEncipherment));
jcbKeyAgreement.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.keyAgreement));
jcbCertificateSigning.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.keyCertSign));
jcbCrlSign.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.cRLSign));
jcbEncipherOnly.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.encipherOnly));
jcbDecipherOnly.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.decipherOnly));
}
use of org.bouncycastle.asn1.ASN1InputStream in project keystore-explorer by kaikramer.
the class DNetscapeCertificateType method prepopulateWithValue.
private void prepopulateWithValue(byte[] value) throws IOException {
// we have a ByteArrayInputStream here which does not need to be closed
@SuppressWarnings("resource") DERBitString netscapeCertType = DERBitString.getInstance(new ASN1InputStream(value).readObject());
int netscapeCertTypes = netscapeCertType.intValue();
jcbSslClient.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.sslClient));
jcbSslServer.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.sslServer));
jcbSmime.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.smime));
jcbObjectSigning.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.objectSigning));
jcbReserved.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.reserved));
jcbSslCa.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.sslCA));
jcbSmimeCa.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.smimeCA));
jcbObjectSigningCa.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.objectSigningCA));
}
use of org.bouncycastle.asn1.ASN1InputStream in project webcert by sklintyg.
the class ASN1UtilImpl method getValue.
@Override
public String getValue(String identifier, InputStream asn1Signature) {
ByteArrayInputStream bais = null;
ASN1InputStream asn1InputStream = null;
try {
bais = convertStream(asn1Signature);
asn1InputStream = new ASN1InputStream(bais);
DERObject obj = asn1InputStream.readObject();
ContentInfo contentInfo = ContentInfo.getInstance(obj);
// Extract certificates
SignedData signedData = SignedData.getInstance(contentInfo.getContent());
return findInCertificate(identifier, (DERObject) signedData.getCertificates().getObjectAt(0));
} catch (IOException e) {
LOG.error("Error parsing signature: {}", e.getMessage());
throw new IllegalStateException(e);
} finally {
IOUtils.closeQuietly(bais);
IOUtils.closeQuietly(asn1InputStream);
}
}
use of org.bouncycastle.asn1.ASN1InputStream in project candlepin by candlepin.
the class X509CRLStreamWriter method write.
/**
* Write a modified CRL to the given output stream. This method will add each entry provided
* via the add() method.
*
* @param out OutputStream to write to
* @throws IOException if something goes wrong
*/
public void write(OutputStream out) throws IOException {
if (!locked || !preScanned) {
throw new IllegalStateException("The instance must be preScanned and locked before writing.");
}
if (emptyCrl) {
/* An empty CRL is going to be missing the revokedCertificates sequence
* and would require a lot of special casing during the streaming process.
* Instead, it is easier to construct the CRL in the normal fashion using
* BouncyCastle. Performance should be acceptable as long as the number of
* CRL entries being added are reasonable in number. Something less than a
* thousand or so should yield adequate performance.
*/
writeToEmptyCrl(out);
return;
}
originalLength = handleHeader(out);
int tag;
int tagNo;
int length;
while (originalLength > count.get()) {
tag = readTag(crlIn, count);
tagNo = readTagNumber(crlIn, tag, count);
length = readLength(crlIn, count);
byte[] entryBytes = new byte[length];
readFullyAndTrack(crlIn, entryBytes, count);
// We only need the serial number and not the rest of the stuff in the entry
ASN1Integer serial = (ASN1Integer) new ASN1InputStream(entryBytes).readObject();
if (deletedEntriesLength == 0 || !deletedEntries.contains(serial.getValue())) {
writeTag(out, tag, tagNo, signer);
writeLength(out, length, signer);
writeValue(out, entryBytes, signer);
}
}
// Write the new entries into the new CRL
for (ASN1Sequence entry : newEntries) {
writeBytes(out, entry.getEncoded(), signer);
}
// Copy the old extensions over
if (newExtensions != null) {
out.write(newExtensions);
signer.getOutputStream().write(newExtensions, 0, newExtensions.length);
}
out.write(signingAlg.getEncoded());
try {
byte[] signature = signer.getSignature();
ASN1BitString signatureBits = new DERBitString(signature);
out.write(signatureBits.getEncoded());
} catch (DataLengthException e) {
throw new IOException("Could not sign", e);
}
}
Aggregations