Examples with DerValue org.mozilla.jss.netscape.security.util.DerValue used on opensource projects

Example 56 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class AccessDescription method readObject.

/**
 * For serialization
 * Note that GeneralName is not serializable. That is
 * why we need to define our own serialization method.
 */
private void readObject(java.io.ObjectInputStream in) throws IOException {
    DerValue val = new DerValue(in);
    DerValue seq = val.data.getDerValue();
    mOID = seq.getOID();
    DerValue derLoc = val.data.getDerValue();
    mLocation = new GeneralName(derLoc);
}

Example 57 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class EnumerationZeroTest method buildAuthorityKeyIdentifier.

/**
 * Calculate the KeyIdentifier for an RSAPublicKey and place it in an AuthorityKeyIdentifier extension.
 *
 * Java encodes RSA public keys using the SubjectPublicKeyInfo type described in RFC 5280.
 * <pre>
 * SubjectPublicKeyInfo  ::=  SEQUENCE  {
 *   algorithm            AlgorithmIdentifier,
 *   subjectPublicKey     BIT STRING  }
 *
 * AlgorithmIdentifier  ::=  SEQUENCE  {
 *   algorithm               OBJECT IDENTIFIER,
 *   parameters              ANY DEFINED BY algorithm OPTIONAL  }
 * </pre>
 *
 * A KeyIdentifier is a SHA-1 digest of the subjectPublicKey bit string from the ASN.1 above.
 *
 * @param key the RSAPublicKey to use
 * @return an AuthorityKeyIdentifierExtension based on the key
 * @throws IOException if we can't construct a MessageDigest object.
 */
public static AuthorityKeyIdentifierExtension buildAuthorityKeyIdentifier(RSAPublicKey key) throws IOException {
    try {
        MessageDigest d = MessageDigest.getInstance("SHA-1");
        byte[] encodedKey = key.getEncoded();
        DerInputStream s = new DerValue(encodedKey).toDerInputStream();
        // Skip the first item in the sequence, AlgorithmIdentifier.
        // The parameter, startLen, is required for skipSequence although it's unused.
        s.skipSequence(0);
        // Get the subjectPublicKey bit string
        BitArray b = s.getUnalignedBitString();
        byte[] digest = d.digest(b.toByteArray());
        KeyIdentifier ki = new KeyIdentifier(digest);
        return new AuthorityKeyIdentifierExtension(ki, null, null);
    } catch (NoSuchAlgorithmException e) {
        throw new IOException("Could not find SHA1 implementation", e);
    }
}

Example 58 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class ConverterTestUtil method convert.

public static byte[] convert(AVAValueConverter converter, String string, byte[] tags) throws Exception {
    DerOutputStream os = new DerOutputStream();
    DerValue value = converter.getValue(string, tags);
    value.encode(os);
    return os.toByteArray();
}

Example 59 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class X509CertInfo method decode.

/**
 * Decode an X.509 certificate from an input stream.
 *
 * @param in an input stream holding at least one certificate
 * @exception CertificateParsingException on decoding errors.
 * @exception IOException on other errors.
 */
@Override
public void decode(InputStream in) throws CertificateParsingException, IOException {
    DerValue val = new DerValue(in);
    parse(val);
}

Example 60 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class X509CertInfo method parse.

/*
     * This routine unmarshals the certificate information.
     */
private void parse(DerValue val) throws CertificateParsingException, IOException {
    DerInputStream in;
    DerValue tmp;
    if (val.tag != DerValue.tag_Sequence) {
        throw new CertificateParsingException("signed fields invalid");
    }
    rawCertInfo = val.toByteArray();
    in = val.data;
    // Version
    tmp = in.getDerValue();
    if (tmp.isContextSpecific((byte) 0)) {
        version = new CertificateVersion(tmp);
        tmp = in.getDerValue();
    }
    // Serial number ... an integer
    serialNum = new CertificateSerialNumber(tmp);
    // Algorithm Identifier
    algId = new CertificateAlgorithmId(in);
    // Issuer name
    issuer = new CertificateIssuerName(in);
    // validity:  SEQUENCE { start date, end date }
    interval = new CertificateValidity(in);
    // subject name
    subject = new CertificateSubjectName(in);
    // public key
    pubKey = new CertificateX509Key(in);
    // If more data available, make sure version is not v1.
    if (in.available() != 0) {
        if (version.compare(CertificateVersion.V1) == 0) {
            throw new CertificateParsingException("excess cert data");
        }
    } else {
        return;
    }
    // Get the issuerUniqueId if present
    tmp = in.getDerValue();
    if (tmp.isContextSpecific((byte) 1)) {
        issuerUniqueId = new CertificateIssuerUniqueIdentity(tmp);
        if (in.available() == 0) {
            return;
        }
        tmp = in.getDerValue();
    }
    // Get the subjectUniqueId if present.
    if (tmp.isContextSpecific((byte) 2)) {
        subjectUniqueId = new CertificateSubjectUniqueIdentity(tmp);
        if (in.available() == 0) {
            return;
        }
        tmp = in.getDerValue();
    }
    // Get the extensions.
    if (version.compare(CertificateVersion.V3) != 0) {
        throw new CertificateParsingException("excess cert data");
    }
    if (tmp.isConstructed() && tmp.isContextSpecific((byte) 3)) {
        extensions = new CertificateExtensions(tmp.data);
    }
}