use of org.bouncycastle.asn1.ASN1Sequence in project keepass2android by PhilippC.
the class ASN1Dump method outputApplicationSpecific.
private static String outputApplicationSpecific(String type, String indent, boolean verbose, DERObject obj, String nl) {
DERApplicationSpecific app = (DERApplicationSpecific) obj;
StringBuffer buf = new StringBuffer();
if (app.isConstructed()) {
try {
ASN1Sequence s = ASN1Sequence.getInstance(app.getObject(DERTags.SEQUENCE));
buf.append(indent + type + " ApplicationSpecific[" + app.getApplicationTag() + "]" + nl);
for (Enumeration e = s.getObjects(); e.hasMoreElements(); ) {
_dumpAsString(indent + TAB, verbose, (DERObject) e.nextElement(), buf);
}
} catch (IOException e) {
buf.append(e);
}
return buf.toString();
}
return indent + type + " ApplicationSpecific[" + app.getApplicationTag() + "] (" + new String(Hex.encode(app.getContents())) + ")" + nl;
}
use of org.bouncycastle.asn1.ASN1Sequence in project android_packages_apps_Settings by crdroidandroid.
the class CertInstallerHelper method isCa.
private boolean isCa(X509Certificate cert) {
try {
byte[] asn1EncodedBytes = cert.getExtensionValue("2.5.29.19");
if (asn1EncodedBytes == null) {
return false;
}
DEROctetString derOctetString = (DEROctetString) new ASN1InputStream(asn1EncodedBytes).readObject();
byte[] octets = derOctetString.getOctets();
ASN1Sequence sequence = (ASN1Sequence) new ASN1InputStream(octets).readObject();
return BasicConstraints.getInstance(sequence).isCA();
} catch (IOException e) {
return false;
}
}
use of org.bouncycastle.asn1.ASN1Sequence in project keystore-explorer by kaikramer.
the class DViewCsr method extensionsPressed.
private void extensionsPressed() {
// extract sequence with extensions from csr
Attribute[] attributes = pkcs10Csr.getAttributes(pkcs_9_at_extensionRequest);
X509ExtensionSet x509ExtensionSet = new X509ExtensionSet();
if ((attributes != null) && (attributes.length > 0)) {
ASN1Encodable[] attributeValues = attributes[0].getAttributeValues();
if (attributeValues.length > 0) {
ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(attributeValues[0]);
x509ExtensionSet = new X509ExtensionSet(asn1Sequence);
}
}
DViewExtensions dViewExtensions = new DViewExtensions(this, res.getString("DViewCertificate.Extensions.Title"), x509ExtensionSet);
dViewExtensions.setLocationRelativeTo(this);
dViewExtensions.setVisible(true);
}
use of org.bouncycastle.asn1.ASN1Sequence in project candlepin by candlepin.
the class X509CRLStreamWriter method write.
/**
* Write a modified CRL to the given output stream. This method will add each entry provided
* via the add() method.
*
* @param out OutputStream to write to
* @throws IOException if something goes wrong
*/
public void write(OutputStream out) throws IOException {
if (!locked || !preScanned) {
throw new IllegalStateException("The instance must be preScanned and locked before writing.");
}
if (emptyCrl) {
/* An empty CRL is going to be missing the revokedCertificates sequence
* and would require a lot of special casing during the streaming process.
* Instead, it is easier to construct the CRL in the normal fashion using
* BouncyCastle. Performance should be acceptable as long as the number of
* CRL entries being added are reasonable in number. Something less than a
* thousand or so should yield adequate performance.
*/
writeToEmptyCrl(out);
return;
}
originalLength = handleHeader(out);
int tag;
int tagNo;
int length;
while (originalLength > count.get()) {
tag = readTag(crlIn, count);
tagNo = readTagNumber(crlIn, tag, count);
length = readLength(crlIn, count);
byte[] entryBytes = new byte[length];
readFullyAndTrack(crlIn, entryBytes, count);
// We only need the serial number and not the rest of the stuff in the entry
ASN1Integer serial = (ASN1Integer) new ASN1InputStream(entryBytes).readObject();
if (deletedEntriesLength == 0 || !deletedEntries.contains(serial.getValue())) {
writeTag(out, tag, tagNo, signer);
writeLength(out, length, signer);
writeValue(out, entryBytes, signer);
}
}
// Write the new entries into the new CRL
for (ASN1Sequence entry : newEntries) {
writeBytes(out, entry.getEncoded(), signer);
}
// Copy the old extensions over
if (newExtensions != null) {
out.write(newExtensions);
signer.getOutputStream().write(newExtensions, 0, newExtensions.length);
}
out.write(signingAlg.getEncoded());
try {
byte[] signature = signer.getSignature();
ASN1BitString signatureBits = new DERBitString(signature);
out.write(signatureBits.getEncoded());
} catch (DataLengthException e) {
throw new IOException("Could not sign", e);
}
}
use of org.bouncycastle.asn1.ASN1Sequence in project jruby-openssl by jruby.
the class X509CRL method sign.
@JRubyMethod
public IRubyObject sign(final ThreadContext context, final IRubyObject key, IRubyObject digest) {
final Ruby runtime = context.runtime;
final String signatureAlgorithm = getSignatureAlgorithm(runtime, (PKey) key, (Digest) digest);
final X500Name issuerName = ((X509Name) issuer).getX500Name();
final java.util.Date thisUpdate = getLastUpdate().toDate();
final X509v2CRLBuilder generator = new X509v2CRLBuilder(issuerName, thisUpdate);
final java.util.Date nextUpdate = getNextUpdate().toDate();
generator.setNextUpdate(nextUpdate);
if (revoked != null) {
for (int i = 0; i < revoked.size(); i++) {
final X509Revoked rev = (X509Revoked) revoked.entry(i);
BigInteger serial = new BigInteger(rev.callMethod(context, "serial").toString());
RubyTime t1 = (RubyTime) rev.callMethod(context, "time").callMethod(context, "getutc");
t1.setMicroseconds(0);
final Extensions revExts;
if (rev.hasExtensions()) {
final RubyArray exts = rev.extensions();
final ASN1Encodable[] array = new ASN1Encodable[exts.size()];
for (int j = 0; j < exts.size(); j++) {
final X509Extension ext = (X509Extension) exts.entry(j);
try {
array[j] = ext.toASN1Sequence();
} catch (IOException e) {
throw newCRLError(runtime, e);
}
}
revExts = Extensions.getInstance(new DERSequence(array));
} else {
revExts = null;
}
generator.addCRLEntry(serial, t1.getJavaDate(), revExts);
}
}
try {
for (int i = 0; i < extensions.size(); i++) {
X509Extension ext = (X509Extension) extensions.entry(i);
ASN1Encodable value = ext.getRealValue();
generator.addExtension(ext.getRealObjectID(), ext.isRealCritical(), value);
}
} catch (IOException e) {
throw newCRLError(runtime, e);
}
final PrivateKey privateKey = ((PKey) key).getPrivateKey();
try {
if (avoidJavaSecurity) {
// NOT IMPLEMENTED
} else {
// crl = generator.generate(((PKey) key).getPrivateKey());
}
/*
AlgorithmIdentifier keyAldID = new AlgorithmIdentifier(new ASN1ObjectIdentifier(keyAlg));
AlgorithmIdentifier digAldID = new AlgorithmIdentifier(new ASN1ObjectIdentifier(digAlg));
final BcContentSignerBuilder signerBuilder;
final AsymmetricKeyParameter signerPrivateKey;
if ( isDSA ) {
signerBuilder = new BcDSAContentSignerBuilder(keyAldID, digAldID);
DSAPrivateKey privateKey = (DSAPrivateKey) ((PKey) key).getPrivateKey();
DSAParameters params = new DSAParameters(
privateKey.getParams().getP(),
privateKey.getParams().getQ(),
privateKey.getParams().getG()
);
signerPrivateKey = new DSAPrivateKeyParameters(privateKey.getX(), params);
}
*/
ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey);
this.crlHolder = generator.build(signer);
this.crl = null;
} catch (IllegalStateException e) {
debugStackTrace(e);
throw newCRLError(runtime, e);
} catch (Exception e) {
debugStackTrace(e);
throw newCRLError(runtime, e.getMessage());
}
final ASN1Primitive crlVal = getCRLValue(runtime);
ASN1Sequence v1 = (ASN1Sequence) (((ASN1Sequence) crlVal).getObjectAt(0));
final ASN1EncodableVector build1 = new ASN1EncodableVector();
int copyIndex = 0;
if (v1.getObjectAt(0) instanceof ASN1Integer)
copyIndex++;
build1.add(new ASN1Integer(new BigInteger(version.toString())));
while (copyIndex < v1.size()) {
build1.add(v1.getObjectAt(copyIndex++));
}
final ASN1EncodableVector build2 = new ASN1EncodableVector();
build2.add(new DLSequence(build1));
build2.add(((ASN1Sequence) crlVal).getObjectAt(1));
build2.add(((ASN1Sequence) crlVal).getObjectAt(2));
this.crlValue = new DLSequence(build2);
changed = false;
return this;
}
Aggregations