
Example 1 with DerOutputStream

use of org.mozilla.jss.netscape.security.util.DerOutputStream in project jss by dogtagpki.

the class StringTestUtil method normalizeUnicode.

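/**
 * Strips a leading big-endian byte-order mark (0xFE 0xFF) from the content of a
 * DER-encoded value and re-encodes the value without it.
 *
 * @param data the DER encoding to inspect; it is parsed with {@code new DerValue(data)}
 * @return a new encoding without the byte-order mark when the content starts with
 *         0xFE 0xFF; otherwise {@code data} itself, unchanged
 * @throws Exception if {@code data} cannot be parsed or the result cannot be written
 */
public static byte[] normalizeUnicode(byte[] data) throws Exception {
    try (DerOutputStream os = new DerOutputStream()) {
        DerValue value = new DerValue(data);
        byte[] content = value.data.toByteArray();
        // Content shorter than two bytes cannot carry a byte-order mark. Checking the
        // length first keeps an empty or one-byte value from raising
        // ArrayIndexOutOfBoundsException on the index reads below.
        boolean hasBigEndianBom = content.length >= 2
                && content[0] == (byte) 0xFE
                && content[1] == (byte) 0xFF;
        if (!hasBigEndianBom) {
            return data;
        }
        // remove optional big-endian byte-order mark
        byte tag = value.tag;
        int length = value.length() - 2;
        // NOTE(review): the tag is re-emitted with class 0 and form false, whatever the
        // input used; confirm that is intended for every caller.
        os.putTag((byte) 0, false, tag);
        os.putLength(length);
        os.write(content, 2, length);
        return os.toByteArray();
    }
}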
Also used : DerOutputStream(org.mozilla.jss.netscape.security.util.DerOutputStream) DerValue(org.mozilla.jss.netscape.security.util.DerValue)

Example 2 with DerOutputStream

use of org.mozilla.jss.netscape.security.util.DerOutputStream in project jss by dogtagpki.

the class BigObjectIdentifier method main.

/**
 * Constructs object identifiers through several paths (dotted string, DER round trip,
 * static factory, and long / int / BigInteger component arrays) and prints each one.
 *
 * The component arrays do not all describe the same identifier as the dotted string;
 * each result is only printed, nothing is compared.
 *
 * @param args unused
 * @throws Exception if any identifier cannot be built, encoded or decoded
 */
public static void main(String[] args) throws Exception {
    long[] longArcs = { 1L, 3L, 6L, 1L, 4L, 1L, 5000L, 9L, 1L, 1L, 1526913300628L, 1L };
    int[] intArcs = { 1, 3, 6, 1, 4, 1, 2312, 9, 1, 1, 15269, 1, 1 };
    BigInteger[] bigArcs = {
        new BigInteger("1"),
        new BigInteger("3"),
        new BigInteger("6"),
        new BigInteger("1"),
        new BigInteger("4"),
        new BigInteger("1"),
        new BigInteger("2312"),
        new BigInteger("9"),
        new BigInteger("1"),
        new BigInteger("152691330062899999999999997777788888888888888889999999999999999"),
        new BigInteger("1")
    };
    String dotted = "1.3.6.1.4.1.2312.9.1.152691330062899999999999997777788888888888888889999999999999999.1";

    // Path 1: parse the dotted-decimal string.
    ObjectIdentifier oid = new ObjectIdentifier(dotted);
    System.out.println("oid: " + oid.toString());

    // Path 2: encode to DER and decode the bytes again.
    DerOutputStream encoded = new DerOutputStream();
    oid.encode(encoded);
    DerInputStream decoder = new DerInputStream(encoded.toByteArray());
    ObjectIdentifier fromDer = new ObjectIdentifier(decoder);
    System.out.println("fromDer: " + fromDer.toString());

    // Path 3: static factory on the same dotted string.
    ObjectIdentifier fromStaticMethod = ObjectIdentifier.getObjectIdentifier(dotted);
    System.out.println("fromStaticMethod: " + fromStaticMethod.toString());

    // Paths 4-6: component arrays of increasing width.
    ObjectIdentifier fromComponentList = new ObjectIdentifier(longArcs);
    System.out.println("fromComponentList: " + fromComponentList.toString());

    ObjectIdentifier fromComponentListInt = new ObjectIdentifier(intArcs);
    System.out.println("fromComponentListInt: " + fromComponentListInt);

    ObjectIdentifier fromComponentListBigInt = new ObjectIdentifier(bigArcs);
    System.out.println("fromComponentListBigInt: " + fromComponentListBigInt);
}
Also used : DerOutputStream(org.mozilla.jss.netscape.security.util.DerOutputStream) BigInteger(java.math.BigInteger) DerInputStream(org.mozilla.jss.netscape.security.util.DerInputStream) ObjectIdentifier(org.mozilla.jss.netscape.security.util.ObjectIdentifier)

Example 3 with DerOutputStream

use of org.mozilla.jss.netscape.security.util.DerOutputStream in project jss by dogtagpki.

the class X509CRLImpl method sign.

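/**
 * Encodes an X.509 CRL, and signs it using the key
 * passed. On success the encoded CRL is stored and this object
 * becomes read-only, so a second call is rejected.
 *
 * @param key the private key used for signing.
 * @param algorithm the name of the signature algorithm used.
 * @param provider the name of the provider, or {@code null} to let
 *            {@link Signature#getInstance(String)} choose one.
 *
 * @exception NoSuchAlgorithmException on unsupported signature
 *                algorithms.
 * @exception InvalidKeyException on incorrect key.
 * @exception NoSuchProviderException on incorrect provider.
 * @exception SignatureException on signature errors.
 * @exception CRLException if this CRL is already read-only, or if
 *                encoding fails; an encoding failure carries the
 *                underlying {@link IOException} as its cause.
 * @exception X509ExtensionException on any extension errors.
 */
public void sign(PrivateKey key, String algorithm, String provider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, X509ExtensionException {
    // Refuse to re-sign before any signing state is touched.
    if (readOnly) {
        throw new CRLException("cannot over-write existing CRL");
    }
    try (DerOutputStream out = new DerOutputStream();
            DerOutputStream tmp = new DerOutputStream()) {
        Signature sigEngine = (provider == null)
                ? Signature.getInstance(algorithm)
                : Signature.getInstance(algorithm, provider);
        sigEngine.initSign(key);
        // in case the name is reset
        sigAlgId = AlgorithmId.get(sigEngine.getAlgorithm());
        infoSigAlgId = sigAlgId;
        // encode crl info; this must run after infoSigAlgId is set, because the
        // algorithm identifier is part of the to-be-signed bytes
        encodeInfo(tmp);
        // encode algorithm identifier
        sigAlgId.encode(tmp);
        // Create and encode the signature itself over the to-be-signed bytes.
        sigEngine.update(tbsCertList, 0, tbsCertList.length);
        signature = sigEngine.sign();
        tmp.putBitString(signature);
        // Wrap the signed data in a SEQUENCE { data, algorithm, sig }
        out.write(DerValue.tag_Sequence, tmp);
        signedCRL = out.toByteArray();
        readOnly = true;
    } catch (IOException e) {
        // Keep the original exception as the cause so the failing encoder step
        // stays visible in the stack trace.
        throw new CRLException("Error while encoding data: " + e.getMessage(), e);
    }
}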
Also used : DerOutputStream(org.mozilla.jss.netscape.security.util.DerOutputStream) Signature(java.security.Signature) IOException(java.io.IOException) CRLException(java.security.cert.CRLException)

Example 4 with DerOutputStream

use of org.mozilla.jss.netscape.security.util.DerOutputStream in project jss by dogtagpki.

the class X509CRLImpl method encodeInfo.

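/**
 * Encodes the "to-be-signed" CRL to the OutputStream and keeps a copy of
 * the encoded bytes in {@code tbsCertList}.
 *
 * @param out the OutputStream to write to.
 * @exception CRLException on encoding errors; the underlying
 *                {@link IOException} is attached as the cause.
 * @exception X509ExtensionException on extension encoding errors.
 */
public void encodeInfo(OutputStream out) throws CRLException, X509ExtensionException {
    try (DerOutputStream seq = new DerOutputStream();
            DerOutputStream tmp = new DerOutputStream();
            DerOutputStream rCerts = new DerOutputStream()) {
        // v2 crl encode version
        if (version != 0) {
            tmp.putInteger(new BigInt(version));
        }
        infoSigAlgId.encode(tmp);
        issuer.encode(tmp);
        // from 2050 should encode GeneralizedTime
        // NOTE(review): both dates are always written with putUTCTime, so the
        // limitation above is still open for thisUpdate and nextUpdate.
        tmp.putUTCTime(thisUpdate);
        if (nextUpdate != null) {
            tmp.putUTCTime(nextUpdate);
        }
        // The revoked-certificate list is omitted entirely when it is empty.
        if (!revokedCerts.isEmpty()) {
            Enumeration<RevokedCertificate> entries = revokedCerts.elements();
            while (entries.hasMoreElements()) {
                ((RevokedCertImpl) entries.nextElement()).encode(rCerts);
            }
            tmp.write(DerValue.tag_Sequence, rCerts);
        }
        if (extensions != null) {
            extensions.encode(tmp, isExplicit);
        }
        seq.write(DerValue.tag_Sequence, tmp);
        tbsCertList = seq.toByteArray();
        out.write(tbsCertList);
    } catch (IOException e) {
        // Keep the original exception as the cause instead of only its message.
        throw new CRLException("Encoding error: " + e.getMessage(), e);
    }
}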
Also used : DerOutputStream(org.mozilla.jss.netscape.security.util.DerOutputStream) BigInt(org.mozilla.jss.netscape.security.util.BigInt) IOException(java.io.IOException) CRLException(java.security.cert.CRLException)

Example 5 with DerOutputStream

use of org.mozilla.jss.netscape.security.util.DerOutputStream in project jss by dogtagpki.

the class SubjectDirAttributesExtension method encodeThis.

/**
 * Encodes every attribute in {@code attrList}, wraps the result with
 * {@code DerValue.tag_SequenceOf}, and stores the bytes in {@code extensionValue}.
 *
 * @throws IOException if an attribute or the wrapper cannot be written
 */
private void encodeThis() throws IOException {
    try (DerOutputStream wrapper = new DerOutputStream()) {
        DerOutputStream encodedAttrs = new DerOutputStream();
        // Attributes are written in the order the enumeration yields them.
        for (Enumeration<Attribute> it = attrList.elements(); it.hasMoreElements(); ) {
            it.nextElement().encode(encodedAttrs);
        }
        wrapper.write(DerValue.tag_SequenceOf, encodedAttrs);
        this.extensionValue = wrapper.toByteArray();
    }
}
Also used : DerOutputStream(org.mozilla.jss.netscape.security.util.DerOutputStream)
