the class FreshestCRLExtension method main.
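/**
 * Test driver: builds a sample FreshestCRL extension holding four
 * distribution points (URI only; DN only; DN plus reason flags; relative DN
 * plus reason flags plus crlIssuer), marks the extension critical and writes
 * its DER encoding to the file named by {@code args[0]}.
 *
 * @param args exactly one element, the path of the output file; any other
 *             argument count prints a usage line and exits with status -1
 */
public static void main(String[] args) {
    if (args.length != 1) {
        System.out.println("Usage: FreshestCRLExtentions " + "<outfile>");
        System.exit(-1);
    }

    // try-with-resources closes the stream on every path; a failure to
    // close is reported through the same catch as an encode failure.
    try (BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(args[0]))) {

        // URI only
        CRLDistributionPoint cdp = new CRLDistributionPoint();
        URIName uri = new URIName("http://www.mycrl.com/go/here");
        GeneralNames generalNames = new GeneralNames();
        generalNames.addElement(uri);
        cdp.setFullName(generalNames);
        FreshestCRLExtension crldpExt = new FreshestCRLExtension(cdp);

        // DN only
        cdp = new CRLDistributionPoint();
        X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org" + ",OU=Certificate Server,O=Fedora,C=US");
        generalNames = new GeneralNames();
        generalNames.addElement(dn);
        cdp.setFullName(generalNames);
        crldpExt.addPoint(cdp);

        // DN + reason: a 5-bit reason-flags bit string, 0x28 = bits 2 and 4 set
        BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 });
        cdp = new CRLDistributionPoint();
        cdp.setFullName(generalNames);
        cdp.setReasons(ba);
        crldpExt.addPoint(cdp);

        // relative DN + reason + crlIssuer
        cdp = new CRLDistributionPoint();
        RDN rdn = new RDN("OU=foobar dept");
        cdp.setRelativeName(rdn);
        cdp.setReasons(ba);
        cdp.setCRLIssuer(generalNames);
        crldpExt.addPoint(cdp);

        crldpExt.setCritical(true);
        crldpExt.encode(bos);

    } catch (Exception e) {
        // Test driver: report and exit normally rather than propagate.
        e.printStackTrace();
    }
}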
the class EC method decodeNSSOID.
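/**
 * Decodes an EC curve OID as handed back by NSS and returns the matching
 * {@link ECParameterSpec}.
 *
 * <p>A single leading {@code 0x00} byte, if present, is skipped; the
 * remaining bytes are decoded as a DER OBJECT IDENTIFIER and looked up with
 * {@code ECCurve.fromOID}.
 *
 * @param data encoded curve OID, optionally prefixed with one {@code 0x00} byte
 * @return the parameter spec of the curve named by the OID
 * @throws IllegalArgumentException if {@code data} is null or empty (the
 *         original code indexed {@code data[0]} unchecked)
 * @throws RuntimeException if the bytes do not decode to an OBJECT IDENTIFIER
 *         or the OID does not name a known curve; the message carries a hex
 *         dump of {@code data}
 */
public static ECParameterSpec decodeNSSOID(byte[] data) {
    if (data == null || data.length == 0) {
        throw new IllegalArgumentException("Empty EC parameter data");
    }

    // Skip the optional leading zero byte before DER decoding.
    int offset = (data[0] == 0x00) ? 1 : 0;

    ASN1Value value;
    try {
        value = ASN1Util.decode(OBJECT_IDENTIFIER.getTemplate(),
                Arrays.copyOfRange(data, offset, data.length));
        // Defensive: decode() is typed as ASN1Value. This RuntimeException is
        // caught and rewrapped below so its message also gains the data dump.
        if (!(value instanceof OBJECT_IDENTIFIER)) {
            throw new RuntimeException("Unrecognized byte data: " + Utils.HexEncode(data));
        }
    } catch (Exception e) {
        throw new RuntimeException(e.getMessage() + "\nData: " + Utils.HexEncode(data), e);
    }

    OBJECT_IDENTIFIER oid = (OBJECT_IDENTIFIER) value;
    ECCurve curve = ECCurve.fromOID(oid);
    if (curve == null) {
        throw new RuntimeException("Unrecognized curve: " + Utils.HexEncode(data) + " == OID " + oid);
    }
    return curve.getECParameterSpec();
}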
the class PKCS12Util method getCertInfo.
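/**
 * Builds a {@link PKCS12CertInfo} from a certificate SafeBag.
 *
 * <p>The certificate bytes are taken from the bag's CertBag and a local key
 * ID is derived from them with {@link SafeBag#getLocalKeyIDFromCert}. The
 * bag attributes are then scanned for friendlyName, localKeyID and, when
 * {@code trustFlagsEnabled} is set, the certificate trust flags; any other
 * attribute is logged at WARN level and ignored. When no friendlyName
 * attribute is present one is generated by joining the subject DN's RDN
 * values, rightmost component first, with {@code " - "}.
 *
 * @param bag a SafeBag whose content is a CertBag; PKCS #12 input is
 *            untrusted, so malformed attributes are rejected with an
 *            exception rather than indexed blindly
 * @return the populated certificate info
 * @throws IllegalArgumentException if a recognised attribute carries no value
 * @throws Exception on ASN.1 decoding or certificate parsing errors
 */
public PKCS12CertInfo getCertInfo(SafeBag bag) throws Exception {

    PKCS12CertInfo certInfo = new PKCS12CertInfo();

    CertBag certBag = (CertBag) bag.getInterpretedBagContent();
    OCTET_STRING certStr = (OCTET_STRING) certBag.getInterpretedCert();
    byte[] x509cert = certStr.toByteArray();

    // generate cert ID from SHA-1 hash of cert data
    byte[] id = SafeBag.getLocalKeyIDFromCert(x509cert);
    certInfo.setID(id);
    logger.debug(" Certificate ID: " + Utils.HexEncode(id));

    X509CertImpl cert = new X509CertImpl(x509cert);
    certInfo.setCert(cert);

    X500Principal subjectDN = cert.getSubjectX500Principal();
    logger.debug(" Subject DN: " + subjectDN);

    SET bagAttrs = bag.getBagAttributes();
    for (int i = 0; bagAttrs != null && i < bagAttrs.size(); i++) {
        Attribute attr = (Attribute) bagAttrs.elementAt(i);
        OBJECT_IDENTIFIER oid = attr.getType();

        if (oid.equals(SafeBag.FRIENDLY_NAME)) {
            String friendlyName = decodeBMPString(firstValueEncoded(attr));
            certInfo.setFriendlyName(friendlyName);
            logger.debug(" Friendly name: " + friendlyName);

        } else if (oid.equals(SafeBag.LOCAL_KEY_ID)) {
            ByteArrayInputStream bis = new ByteArrayInputStream(firstValueEncoded(attr));
            OCTET_STRING keyIdAsn1 = (OCTET_STRING) new OCTET_STRING.Template().decode(bis);
            byte[] keyID = keyIdAsn1.toByteArray();
            certInfo.setKeyID(keyID);
            logger.debug(" Key ID: " + Utils.HexEncode(keyID));

        } else if (oid.equals(PKCS12.CERT_TRUST_FLAGS_OID) && trustFlagsEnabled) {
            String trustFlags = decodeBMPString(firstValueEncoded(attr));
            certInfo.setTrustFlags(trustFlags);
            logger.debug(" Trust flags: " + trustFlags);

        } else {
            // Unknown attribute (or trust flags with trustFlagsEnabled off).
            logger.warn(" " + oid + ": " + attr.getValues());
        }
    }

    if (certInfo.getFriendlyName() == null) {
        logger.debug(" Generating new friendly name");

        LdapName dn = new LdapName(subjectDN.getName());
        // LdapName.getRdns() places the rightmost RDN at index 0, so walk the
        // list backwards to keep the DN's written order.
        List<Rdn> rdns = dn.getRdns();
        List<String> values = new ArrayList<>(rdns.size());
        for (int i = rdns.size() - 1; i >= 0; i--) {
            values.add(rdns.get(i).getValue().toString());
        }

        String friendlyName = String.join(" - ", values);
        certInfo.setFriendlyName(friendlyName);
        logger.debug(" Friendly name: " + friendlyName);
    }

    return certInfo;
}

/**
 * Returns the DER encoding of the first value of {@code attr}.
 *
 * @throws IllegalArgumentException if the attribute carries no values
 *         (previously an unhelpful ArrayIndexOutOfBoundsException)
 */
private static byte[] firstValueEncoded(Attribute attr) throws Exception {
    SET values = attr.getValues();
    if (values == null || values.size() == 0) {
        throw new IllegalArgumentException("Bag attribute " + attr.getType() + " has no value");
    }
    ANY value = (ANY) values.elementAt(0);
    return value.getEncoded();
}

/** Decodes a DER-encoded BMPString into a Java string. */
private static String decodeBMPString(byte[] encoded) throws Exception {
    ByteArrayInputStream bis = new ByteArrayInputStream(encoded);
    BMPString str = (BMPString) (new BMPString.Template()).decode(bis);
    return str.toString();
}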
the class PKCS12Util method generatePFX.
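/**
 * Assembles a PFX structure from the keys and certificates in {@code pkcs12}.
 *
 * <p>Keys are placed in one SafeContents (each through {@code addKeyBag})
 * that is added without SafeContents-level encryption. Certificates go into
 * a second SafeContents, stored in the clear when {@code certEncryption} is
 * null and password-encrypted when it is
 * {@code PBEAlgorithm.PBE_SHA1_RC2_40_CBC}. Finally the integrity MAC over
 * the AuthenticatedSafes is computed with {@code password}.
 *
 * @param pkcs12   the key and certificate entries to package
 * @param password password used for key protection, SafeContents
 *                 encryption and the MAC
 * @return the PFX, ready to be encoded
 * @throws Exception if {@code certEncryption} is set to anything other than
 *         PBE_SHA1_RC2_40_CBC, or on failures propagated from the bag
 *         builders and MAC computation
 */
public PFX generatePFX(PKCS12 pkcs12, Password password) throws Exception {

    logger.info("Generating PKCS #12 data");

    // Use the same salt size and number of iterations as in pk12util, for
    // both the certificate SafeContents encryption and the integrity MAC.
    final int saltLength = 16;
    final int iterations = 100000;

    AuthenticatedSafes authSafes = new AuthenticatedSafes();

    Collection<PKCS12KeyInfo> keyInfos = pkcs12.getKeyInfos();
    Collection<PKCS12CertInfo> certInfos = pkcs12.getCertInfos();

    if (!keyInfos.isEmpty()) {
        SEQUENCE keySafeContents = new SEQUENCE();
        for (PKCS12KeyInfo keyInfo : keyInfos) {
            addKeyBag(keyInfo, password, keySafeContents);
        }
        authSafes.addSafeContents(keySafeContents);
    }

    if (!certInfos.isEmpty()) {
        SEQUENCE certSafeContents = new SEQUENCE();
        for (PKCS12CertInfo certInfo : certInfos) {
            addCertBag(certInfo, certSafeContents);
        }

        if (certEncryption == null) {
            authSafes.addSafeContents(certSafeContents);

        } else if (certEncryption == PBEAlgorithm.PBE_SHA1_RC2_40_CBC) {
            // The only SafeContents encryption accepted here. RC2 with a
            // 40-bit key is a weak legacy scheme: it hides the certificate
            // list from casual inspection but offers little real
            // confidentiality.
            authSafes.addEncryptedSafeContents(certEncryption, password,
                    randomSalt(saltLength), iterations, certSafeContents);

        } else {
            throw new Exception("Unsupported certificate encryption: " + certEncryption);
        }
    }

    PFX pfx = new PFX(authSafes);
    pfx.computeMacData(password, randomSalt(saltLength), iterations);

    return pfx;
}

/**
 * Returns {@code length} fresh random bytes for use as a PBE/MAC salt.
 * NOTE(review): salts must come from a CSPRNG — confirm that the
 * {@code random} field is a java.security.SecureRandom at its declaration.
 */
private byte[] randomSalt(int length) {
    byte[] salt = new byte[length];
    random.nextBytes(salt);
    return salt;
}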
the class CertPrettyPrint method pkcs7toString.
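/**
 * Pretty-prints the certificate data held in {@code mCert_b}.
 *
 * <p>The bytes are first tried as a single X.509 certificate; on success
 * {@code mX509Cert} is set and {@link #toString(Locale)} is returned.
 * Otherwise the bytes are decoded as a PKCS #7 ContentInfo; when it is
 * SignedData carrying certificates, each certificate is pretty-printed in
 * turn, followed by a newline. Anything that does not fit either form
 * yields an empty string.
 *
 * @param clientLocale locale used for all pretty-printed output, including
 *                     the certificates embedded in SignedData
 * @return the formatted text, or {@code ""} when the data is neither a
 *         certificate nor a SignedData with certificates
 */
public String pkcs7toString(Locale clientLocale) {

    try {
        mX509Cert = new X509CertImpl(mCert_b);
        return toString(clientLocale);
    } catch (Exception ignored) {
        // Not a bare certificate; fall through and try PKCS #7.
    }

    ContentInfo ci;
    try {
        ci = (ContentInfo) ASN1Util.decode(ContentInfo.getTemplate(), mCert_b);
    } catch (Exception e) {
        return "";
    }

    if (!ci.getContentType().equals(ContentInfo.SIGNED_DATA)) {
        return "";
    }

    SignedData sd;
    try {
        sd = (SignedData) ci.getInterpretedContent();
    } catch (Exception e) {
        return "";
    }

    if (!sd.hasCertificates()) {
        return "";
    }

    StringBuilder content = new StringBuilder();
    SET certs = sd.getCertificates();

    for (int i = 0; i < certs.size(); i++) {
        org.mozilla.jss.pkix.cert.Certificate cert =
                (org.mozilla.jss.pkix.cert.Certificate) certs.elementAt(i);

        X509CertImpl certImpl;
        try {
            certImpl = new X509CertImpl(ASN1Util.encode(cert));
        } catch (Exception e) {
            // Skip a certificate that cannot be re-encoded rather than hand
            // a null X509CertImpl to CertPrettyPrint.
            continue;
        }

        // Honour the caller's locale here as well, matching the
        // single-certificate path above.
        CertPrettyPrint print = new CertPrettyPrint(certImpl);
        content.append(print.toString(clientLocale));
        content.append("\n");
    }

    return content.toString();
}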