Search in sources :

Example 41 with ASN1InputStream

use of org.bouncycastle.asn1.ASN1InputStream in project android_packages_apps_Settings by crdroidandroid.

the class CertInstallerHelper method isCa.

private boolean isCa(X509Certificate cert) {
    try {
        byte[] asn1EncodedBytes = cert.getExtensionValue("2.5.29.19");
        if (asn1EncodedBytes == null) {
            return false;
        }
        DEROctetString derOctetString = (DEROctetString) new ASN1InputStream(asn1EncodedBytes).readObject();
        byte[] octets = derOctetString.getOctets();
        ASN1Sequence sequence = (ASN1Sequence) new ASN1InputStream(octets).readObject();
        return BasicConstraints.getInstance(sequence).isCA();
    } catch (IOException e) {
        return false;
    }
}
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ASN1Sequence(com.android.org.bouncycastle.asn1.ASN1Sequence) IOException(java.io.IOException) DEROctetString(com.android.org.bouncycastle.asn1.DEROctetString)

Example 42 with ASN1InputStream

use of org.bouncycastle.asn1.ASN1InputStream in project keystore-explorer by kaikramer.

the class DKeyUsage method prepopulateWithValue.

private void prepopulateWithValue(byte[] value) throws IOException {
    // we have a ByteArrayInputStream here which does not need to be closed
    @SuppressWarnings("resource") DERBitString keyUsage = DERBitString.getInstance(new ASN1InputStream(value).readObject());
    int keyUsageValue = keyUsage.intValue();
    jcbDigitalSignature.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.digitalSignature));
    jcbNonRepudiation.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.nonRepudiation));
    jcbKeyEncipherment.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.keyEncipherment));
    jcbDataEncipherment.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.dataEncipherment));
    jcbKeyAgreement.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.keyAgreement));
    jcbCertificateSigning.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.keyCertSign));
    jcbCrlSign.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.cRLSign));
    jcbEncipherOnly.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.encipherOnly));
    jcbDecipherOnly.setSelected(hasKeyUsage(keyUsageValue, KeyUsage.decipherOnly));
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DERBitString(org.bouncycastle.asn1.DERBitString)

Example 43 with ASN1InputStream

use of org.bouncycastle.asn1.ASN1InputStream in project keystore-explorer by kaikramer.

the class DNetscapeCertificateType method prepopulateWithValue.

private void prepopulateWithValue(byte[] value) throws IOException {
    // we have a ByteArrayInputStream here which does not need to be closed
    @SuppressWarnings("resource") DERBitString netscapeCertType = DERBitString.getInstance(new ASN1InputStream(value).readObject());
    int netscapeCertTypes = netscapeCertType.intValue();
    jcbSslClient.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.sslClient));
    jcbSslServer.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.sslServer));
    jcbSmime.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.smime));
    jcbObjectSigning.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.objectSigning));
    jcbReserved.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.reserved));
    jcbSslCa.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.sslCA));
    jcbSmimeCa.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.smimeCA));
    jcbObjectSigningCa.setSelected(isCertType(netscapeCertTypes, NetscapeCertType.objectSigningCA));
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DERBitString(org.bouncycastle.asn1.DERBitString)

Example 44 with ASN1InputStream

use of org.bouncycastle.asn1.ASN1InputStream in project webcert by sklintyg.

the class ASN1UtilImpl method getValue.

@Override
public String getValue(String identifier, InputStream asn1Signature) {
    ByteArrayInputStream bais = null;
    ASN1InputStream asn1InputStream = null;
    try {
        bais = convertStream(asn1Signature);
        asn1InputStream = new ASN1InputStream(bais);
        DERObject obj = asn1InputStream.readObject();
        ContentInfo contentInfo = ContentInfo.getInstance(obj);
        // Extract certificates
        SignedData signedData = SignedData.getInstance(contentInfo.getContent());
        return findInCertificate(identifier, (DERObject) signedData.getCertificates().getObjectAt(0));
    } catch (IOException e) {
        LOG.error("Error parsing signature: {}", e.getMessage());
        throw new IllegalStateException(e);
    } finally {
        IOUtils.closeQuietly(bais);
        IOUtils.closeQuietly(asn1InputStream);
    }
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DERObject(org.bouncycastle.asn1.DERObject) SignedData(org.bouncycastle.asn1.pkcs.SignedData) ByteArrayInputStream(java.io.ByteArrayInputStream) ContentInfo(org.bouncycastle.asn1.pkcs.ContentInfo) IOException(java.io.IOException)

Example 45 with ASN1InputStream

use of org.bouncycastle.asn1.ASN1InputStream in project candlepin by candlepin.

the class X509CRLStreamWriter method write.

/**
 * Write a modified CRL to the given output stream.  This method will add each entry provided
 * via the add() method.
 *
 * @param out OutputStream to write to
 * @throws IOException if something goes wrong
 */
public void write(OutputStream out) throws IOException {
    if (!locked || !preScanned) {
        throw new IllegalStateException("The instance must be preScanned and locked before writing.");
    }
    if (emptyCrl) {
        /* An empty CRL is going to be missing the revokedCertificates sequence
             * and would require a lot of special casing during the streaming process.
             * Instead, it is easier to construct the CRL in the normal fashion using
             * BouncyCastle.  Performance should be acceptable as long as the number of
             * CRL entries being added are reasonable in number.  Something less than a
             * thousand or so should yield adequate performance.
             */
        writeToEmptyCrl(out);
        return;
    }
    originalLength = handleHeader(out);
    int tag;
    int tagNo;
    int length;
    while (originalLength > count.get()) {
        tag = readTag(crlIn, count);
        tagNo = readTagNumber(crlIn, tag, count);
        length = readLength(crlIn, count);
        byte[] entryBytes = new byte[length];
        readFullyAndTrack(crlIn, entryBytes, count);
        // We only need the serial number and not the rest of the stuff in the entry
        ASN1Integer serial = (ASN1Integer) new ASN1InputStream(entryBytes).readObject();
        if (deletedEntriesLength == 0 || !deletedEntries.contains(serial.getValue())) {
            writeTag(out, tag, tagNo, signer);
            writeLength(out, length, signer);
            writeValue(out, entryBytes, signer);
        }
    }
    // Write the new entries into the new CRL
    for (ASN1Sequence entry : newEntries) {
        writeBytes(out, entry.getEncoded(), signer);
    }
    // Copy the old extensions over
    if (newExtensions != null) {
        out.write(newExtensions);
        signer.getOutputStream().write(newExtensions, 0, newExtensions.length);
    }
    out.write(signingAlg.getEncoded());
    try {
        byte[] signature = signer.getSignature();
        ASN1BitString signatureBits = new DERBitString(signature);
        out.write(signatureBits.getEncoded());
    } catch (DataLengthException e) {
        throw new IOException("Could not sign", e);
    }
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DataLengthException(org.bouncycastle.crypto.DataLengthException) DERBitString(org.bouncycastle.asn1.DERBitString) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IOException(java.io.IOException) ASN1BitString(org.bouncycastle.asn1.ASN1BitString)

Aggregations

ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)104 IOException (java.io.IOException)85 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)34 ByteArrayInputStream (java.io.ByteArrayInputStream)33 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)25 BigInteger (java.math.BigInteger)22 ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)20 CertificateException (java.security.cert.CertificateException)20 CertificateParsingException (java.security.cert.CertificateParsingException)19 X509Certificate (java.security.cert.X509Certificate)19 DEROctetString (org.bouncycastle.asn1.DEROctetString)19 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)17 Enumeration (java.util.Enumeration)17 CertificateEncodingException (java.security.cert.CertificateEncodingException)16 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)15 InvalidKeyException (java.security.InvalidKeyException)14 CRLException (java.security.cert.CRLException)14 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)14 NoSuchProviderException (java.security.NoSuchProviderException)11 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)11