Example 21 with DerInputStream
use of org.mozilla.jss.netscape.security.util.DerInputStream in project jss by dogtagpki.
the class ExtensionsRequested method construct.
/**
* construct - expects this in the inputstream (from the router):
*
* 211 30 31: SEQUENCE {
* 213 06 10: OBJECT IDENTIFIER '2 16 840 1 113733 1 9 8'
* 225 31 17: SET {
* 227 04 15: OCTET STRING, encapsulates {
* 229 30 13: SEQUENCE {
* 231 30 11: SEQUENCE {
* 233 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
* 238 04 4: OCTET STRING
* : 03 02 05 A0
* : }
* : }
* : }
*
* or this (from IRE client):
*
* 262 30 51: SEQUENCE {
* 264 06 9: OBJECT IDENTIFIER extensionReq (1 2 840 113549 1 9 14)
* 275 31 38: SET {
* 277 30 36: SEQUENCE {
* 279 30 34: SEQUENCE {
* 281 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
* 286 04 27: OCTET STRING
* : 30 19 87 04 D0 0C 3E 6F 81 03 61 61 61 82 0C 61
* : 61 61 2E 6D 63 6F 6D 2E 63 6F 6D
* : }
* : }
* : }
* : }
*/
private void construct(DerValue dv) throws IOException {
DerInputStream stream = null;
try {
// try decoding as sequence first
stream = dv.toDerInputStream();
// consume stream
stream.getDerValue();
stream.reset();
// consume stream
stream.getSequence(2);
} catch (IOException ioe) {
// if it failed, the outer sequence may be
// encapsulated in an octet string, as in the first
// example above
byte[] octet_string = dv.getOctetString();
// Make a new input stream from the byte array,
// and re-parse it as a sequence.
dv = new DerValue(octet_string);
stream = dv.toDerInputStream();
// consume stream
stream.getSequence(2);
}
// now, the stream will be in the correct format
stream.reset();
while (true) {
DerValue ext_dv = null;
try {
ext_dv = stream.getDerValue();
} catch (IOException ex) {
break;
}
Extension ext = new Extension(ext_dv);
exts.addElement(ext);
}
}
Also used :
DerValue(org.mozilla.jss.netscape.security.util.DerValue)
DerInputStream(org.mozilla.jss.netscape.security.util.DerInputStream)
IOException(java.io.IOException)
Example 22 with DerInputStream
use of org.mozilla.jss.netscape.security.util.DerInputStream in project jss by dogtagpki.
the class RSAPSSAlgorithmParameters method decode.
private void decode(DerInputStream in, byte[] encoded) throws IOException {
if (in == null) {
throw new IOException("Invalid input: got null DerInputStream");
}
// Sequence has 3 members, trailer field ignored
DerValue[] seq = in.getSequence(3);
if (seq.length < 3 || seq.length > 4) {
throw new IOException("Invalid data! Expected a sequence with either 3 or 4 members; got " + seq.length);
}
if (seq[0].isContextSpecific((byte) 0)) {
seq[0] = seq[0].data.getDerValue();
} else {
throw new IOException("Invalid encoded data! Expecting OAEP-PSSDigestAlgorithms (hashAlgorithm).");
}
AlgorithmId algid = AlgorithmId.parse(seq[0]);
String specAlgName = getSpecAlgName(algid.getName());
String specMGF1Name = "";
// Now the MFG1 parameter hash fun is the same as the main hash func.
MGF1ParameterSpec specMFG1ParamSpec = new MGF1ParameterSpec(specAlgName);
if (seq[1].isContextSpecific((byte) 1)) {
seq[1] = seq[1].data.getDerValue();
} else {
throw new IOException("Invalid encoded data! Expecting OAEP-PSSDigestAlgorithms (maskGenAlgorithm).");
}
DerInputStream mgf1Str = new DerInputStream(seq[1].toByteArray());
DerValue[] seqMgf1 = mgf1Str.getSequence(2);
ObjectIdentifier mgf1OID = seqMgf1[0].getOID();
if (!mgf1OID.equals(AlgorithmId.MGF1_oid)) {
throw new IOException("Invalid encoded data: expected MGF1 OID but got: " + mgf1OID.toString());
} else {
specMGF1Name = "MGF1";
}
if (seq[2].isContextSpecific((byte) 2)) {
seq[2] = seq[2].data.getDerValue();
} else {
throw new IOException("Invalid encoded data! Expected INTEGER (saltLength).");
}
BigInt sLength = seq[2].getInteger();
this.spec = new PSSParameterSpec(specAlgName, specMGF1Name, specMFG1ParamSpec, sLength.toInt(), 1);
populateFromSpec();
}
Also used :
AlgorithmId(org.mozilla.jss.netscape.security.x509.AlgorithmId)
PSSParameterSpec(java.security.spec.PSSParameterSpec)
DerValue(org.mozilla.jss.netscape.security.util.DerValue)
BigInt(org.mozilla.jss.netscape.security.util.BigInt)
DerInputStream(org.mozilla.jss.netscape.security.util.DerInputStream)
IOException(java.io.IOException)
MGF1ParameterSpec(java.security.spec.MGF1ParameterSpec)
ObjectIdentifier(org.mozilla.jss.netscape.security.util.ObjectIdentifier)
Aggregations
DerInputStream (org.mozilla.jss.netscape.security.util.DerInputStream)22
DerValue (org.mozilla.jss.netscape.security.util.DerValue)20
IOException (java.io.IOException)15
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5
ObjectIdentifier (org.mozilla.jss.netscape.security.util.ObjectIdentifier)5
MessageDigest (java.security.MessageDigest)4
BitArray (org.mozilla.jss.netscape.security.util.BitArray)4
KeyIdentifier (org.mozilla.jss.netscape.security.x509.KeyIdentifier)4
CRLException (java.security.cert.CRLException)3
AuthorityKeyIdentifierExtension (org.mozilla.jss.netscape.security.x509.AuthorityKeyIdentifierExtension)3
InvalidKeyException (java.security.InvalidKeyException)2
BigInteger (java.math.BigInteger)1
NoSuchProviderException (java.security.NoSuchProviderException)1
Provider (java.security.Provider)1
CertificateException (java.security.cert.CertificateException)1
CertificateParsingException (java.security.cert.CertificateParsingException)1
X509Certificate (java.security.cert.X509Certificate)1
InvalidParameterSpecException (java.security.spec.InvalidParameterSpecException)1
MGF1ParameterSpec (java.security.spec.MGF1ParameterSpec)1
PSSParameterSpec (java.security.spec.PSSParameterSpec)1
