Example 11 with X509Extension
use of org.gudy.bouncycastle.asn1.x509.X509Extension in project BiglyBT by BiglySoftware.
the class X509CRLObject method getExtensionOIDs.
private Set getExtensionOIDs(boolean critical) {
if (this.getVersion() == 2) {
HashSet set = new HashSet();
X509Extensions extensions = c.getTBSCertList().getExtensions();
Enumeration e = extensions.oids();
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
X509Extension ext = extensions.getExtension(oid);
if (critical == ext.isCritical()) {
set.add(oid.getId());
}
}
return set;
}
return null;
}
Also used :
Enumeration(java.util.Enumeration)
X509Extension(org.gudy.bouncycastle.asn1.x509.X509Extension)
X509Extensions(org.gudy.bouncycastle.asn1.x509.X509Extensions)
DERObjectIdentifier(org.gudy.bouncycastle.asn1.DERObjectIdentifier)
HashSet(java.util.HashSet)
Example 12 with X509Extension
use of org.gudy.bouncycastle.asn1.x509.X509Extension in project BiglyBT by BiglySoftware.
the class X509CertificateObject method getNonCriticalExtensionOIDs.
@Override
public Set getNonCriticalExtensionOIDs() {
if (this.getVersion() == 3) {
HashSet set = new HashSet();
X509Extensions extensions = c.getTBSCertificate().getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
X509Extension ext = extensions.getExtension(oid);
if (!ext.isCritical()) {
set.add(oid.getId());
}
}
return set;
}
}
return null;
}
Also used :
X509Extension(org.gudy.bouncycastle.asn1.x509.X509Extension)
Example 13 with X509Extension
use of org.gudy.bouncycastle.asn1.x509.X509Extension in project BiglyBT by BiglySoftware.
the class X509V2AttributeCertificate method getExtensionValue.
@Override
public byte[] getExtensionValue(String oid) {
X509Extensions extensions = cert.getAcinfo().getExtensions();
if (extensions != null) {
X509Extension ext = extensions.getExtension(new DERObjectIdentifier(oid));
if (ext != null) {
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
try {
dOut.writeObject(ext.getValue());
return bOut.toByteArray();
} catch (Exception e) {
throw new RuntimeException("error encoding " + e.toString());
}
}
}
return null;
}
Also used :
X509Extension(org.gudy.bouncycastle.asn1.x509.X509Extension)
X509Extensions(org.gudy.bouncycastle.asn1.x509.X509Extensions)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
ParseException(java.text.ParseException)
Example 14 with X509Extension
use of org.gudy.bouncycastle.asn1.x509.X509Extension in project jruby-openssl by jruby.
the class X509CRL method sign.
@JRubyMethod
public IRubyObject sign(final ThreadContext context, final IRubyObject key, IRubyObject digest) {
final Ruby runtime = context.runtime;
final String signatureAlgorithm = getSignatureAlgorithm(runtime, (PKey) key, (Digest) digest);
final X500Name issuerName = ((X509Name) issuer).getX500Name();
final java.util.Date thisUpdate = getLastUpdate().toDate();
final X509v2CRLBuilder generator = new X509v2CRLBuilder(issuerName, thisUpdate);
final java.util.Date nextUpdate = getNextUpdate().toDate();
generator.setNextUpdate(nextUpdate);
if (revoked != null) {
for (int i = 0; i < revoked.size(); i++) {
final X509Revoked rev = (X509Revoked) revoked.entry(i);
BigInteger serial = new BigInteger(rev.callMethod(context, "serial").toString());
RubyTime t1 = (RubyTime) rev.callMethod(context, "time").callMethod(context, "getutc");
t1.setMicroseconds(0);
final Extensions revExts;
if (rev.hasExtensions()) {
final RubyArray exts = rev.extensions();
final ASN1Encodable[] array = new ASN1Encodable[exts.size()];
for (int j = 0; j < exts.size(); j++) {
final X509Extension ext = (X509Extension) exts.entry(j);
try {
array[j] = ext.toASN1Sequence();
} catch (IOException e) {
throw newCRLError(runtime, e);
}
}
revExts = Extensions.getInstance(new DERSequence(array));
} else {
revExts = null;
}
generator.addCRLEntry(serial, t1.getJavaDate(), revExts);
}
}
try {
for (int i = 0; i < extensions.size(); i++) {
X509Extension ext = (X509Extension) extensions.entry(i);
ASN1Encodable value = ext.getRealValue();
generator.addExtension(ext.getRealObjectID(), ext.isRealCritical(), value);
}
} catch (IOException e) {
throw newCRLError(runtime, e);
}
final PrivateKey privateKey = ((PKey) key).getPrivateKey();
try {
if (avoidJavaSecurity) {
// NOT IMPLEMENTED
} else {
// crl = generator.generate(((PKey) key).getPrivateKey());
}
/*
AlgorithmIdentifier keyAldID = new AlgorithmIdentifier(new ASN1ObjectIdentifier(keyAlg));
AlgorithmIdentifier digAldID = new AlgorithmIdentifier(new ASN1ObjectIdentifier(digAlg));
final BcContentSignerBuilder signerBuilder;
final AsymmetricKeyParameter signerPrivateKey;
if ( isDSA ) {
signerBuilder = new BcDSAContentSignerBuilder(keyAldID, digAldID);
DSAPrivateKey privateKey = (DSAPrivateKey) ((PKey) key).getPrivateKey();
DSAParameters params = new DSAParameters(
privateKey.getParams().getP(),
privateKey.getParams().getQ(),
privateKey.getParams().getG()
);
signerPrivateKey = new DSAPrivateKeyParameters(privateKey.getX(), params);
}
*/
ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey);
this.crlHolder = generator.build(signer);
this.crl = null;
} catch (IllegalStateException e) {
debugStackTrace(e);
throw newCRLError(runtime, e);
} catch (Exception e) {
debugStackTrace(e);
throw newCRLError(runtime, e.getMessage());
}
final ASN1Primitive crlVal = getCRLValue(runtime);
ASN1Sequence v1 = (ASN1Sequence) (((ASN1Sequence) crlVal).getObjectAt(0));
final ASN1EncodableVector build1 = new ASN1EncodableVector();
int copyIndex = 0;
if (v1.getObjectAt(0) instanceof ASN1Integer)
copyIndex++;
build1.add(new ASN1Integer(new BigInteger(version.toString())));
while (copyIndex < v1.size()) {
build1.add(v1.getObjectAt(copyIndex++));
}
final ASN1EncodableVector build2 = new ASN1EncodableVector();
build2.add(new DLSequence(build1));
build2.add(((ASN1Sequence) crlVal).getObjectAt(1));
build2.add(((ASN1Sequence) crlVal).getObjectAt(2));
this.crlValue = new DLSequence(build2);
changed = false;
return this;
}
Also used :
RubyTime(org.jruby.RubyTime)
PrivateKey(java.security.PrivateKey)
RubyArray(org.jruby.RubyArray)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
RubyString(org.jruby.RubyString)
X500Name(org.bouncycastle.asn1.x500.X500Name)
Extensions(org.bouncycastle.asn1.x509.Extensions)
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
X509v2CRLBuilder(org.bouncycastle.cert.X509v2CRLBuilder)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
Ruby(org.jruby.Ruby)
ContentSigner(org.bouncycastle.operator.ContentSigner)
IOException(java.io.IOException)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
RaiseException(org.jruby.exceptions.RaiseException)
GeneralSecurityException(java.security.GeneralSecurityException)
CRLException(java.security.cert.CRLException)
IOException(java.io.IOException)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
DLSequence(org.bouncycastle.asn1.DLSequence)
BigInteger(java.math.BigInteger)
ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
JRubyMethod(org.jruby.anno.JRubyMethod)
Example 15 with X509Extension
use of org.gudy.bouncycastle.asn1.x509.X509Extension in project jruby-openssl by jruby.
the class X509Cert method uniqueExtensions.
private Collection<X509Extension> uniqueExtensions() {
final Map<ASN1ObjectIdentifier, X509Extension> unique = new LinkedHashMap<ASN1ObjectIdentifier, X509Extension>();
for (X509Extension current : this.extensions) {
final ASN1ObjectIdentifier oid = current.getRealObjectID();
final X509Extension existing = unique.get(oid);
if (existing == null) {
unique.put(oid, current);
continue;
}
// commonly used e.g. with subjectAltName || issuserAltName :
if ("2.5.29.17".equals(oid.getId()) || "2.5.29.18".equals(oid.getId())) {
final ASN1EncodableVector vec = new ASN1EncodableVector();
try {
GeneralName[] n1 = extRealNames(existing);
for (int i = 0; i < n1.length; i++) vec.add(n1[i]);
GeneralName[] n2 = extRealNames(current);
for (int i = 0; i < n2.length; i++) vec.add(n2[i]);
GeneralNames nn = GeneralNames.getInstance(new DLSequence(vec));
final X509Extension existingDup = existing.clone();
existingDup.setRealValue(nn);
unique.put(oid, existingDup);
} catch (IOException ex) {
throw getRuntime().newIOErrorFromException(ex);
}
continue;
}
// TODO do we need special care for any others here ?!?
final ASN1EncodableVector vec = new ASN1EncodableVector();
try {
final ASN1Encodable existingValue = existing.getRealValue();
if (existingValue instanceof ASN1Sequence) {
final ASN1Sequence seq = (ASN1Sequence) existingValue;
for (int i = 0; i < seq.size(); i++) {
vec.add(seq.getObjectAt(i));
}
} else {
vec.add(existingValue);
}
vec.add(current.getRealValue());
// existing.setRealValue( new DLSequence(vec) );
final X509Extension existingDup = existing.clone();
existingDup.setRealValue(new DLSequence(vec));
unique.put(oid, existingDup);
} catch (IOException ex) {
throw getRuntime().newIOErrorFromException(ex);
}
}
return unique.values();
}
Also used :
IOException(java.io.IOException)
LinkedHashMap(java.util.LinkedHashMap)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
DLSequence(org.bouncycastle.asn1.DLSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Aggregations
Enumeration (java.util.Enumeration)14
IOException (java.io.IOException)11
X509Extension (org.gudy.bouncycastle.asn1.x509.X509Extension)11
DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)10
X509Extension (org.bouncycastle.asn1.x509.X509Extension)10
X509Extensions (org.bouncycastle.asn1.x509.X509Extensions)10
HashSet (java.util.HashSet)8
Set (java.util.Set)6
X509Extensions (org.gudy.bouncycastle.asn1.x509.X509Extensions)6
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)5
CertificateExpiredException (java.security.cert.CertificateExpiredException)4
CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)4
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)4
DERSequence (org.bouncycastle.asn1.DERSequence)4
DERObjectIdentifier (org.gudy.bouncycastle.asn1.DERObjectIdentifier)4
ByteArrayOutputStream (java.io.ByteArrayOutputStream)3
GeneralSecurityException (java.security.GeneralSecurityException)3
CRLException (java.security.cert.CRLException)3
ArrayList (java.util.ArrayList)3
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)3
