
Example 6 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class X509CertImpl method parse.

/**
 *********************************************************
 */
/*
     * Cert is a SIGNED ASN.1 macro, a three element sequence:
     *
     *	- Data to be signed (ToBeSigned) -- the "raw" cert
     *	- Signature algorithm (SigAlgId)
     *	- The signature bits
     *
     * This routine unmarshals the certificate, saving the signature
     * parts away for later verification.
     */
private void parse(DerValue val) throws CertificateException, IOException {
    // A certificate object may be populated only once.
    // NOTE(review): the flag is latched before any field is validated, so a
    // parse that throws further down still leaves this object read-only with
    // whatever fields were assigned up to that point -- confirm that callers
    // discard the instance on failure.
    if (readOnly) {
        throw new CertificateParsingException("Cannot overwrite existing certificate");
    }
    readOnly = true;

    // Pull the three elements of the SIGNED structure in order:
    // to-be-signed data, signature algorithm id, signature bits.
    final DerValue tbsCert = val.data.getDerValue();
    final DerValue sigAlg = val.data.getDerValue();
    final DerValue sigBits = val.data.getDerValue();

    // Anything left after the third element is rejected rather than ignored.
    if (val.data.available() != 0) {
        throw new CertificateParsingException("signed overrun, bytes = " + val.data.available());
    }
    if (tbsCert.tag != DerValue.tag_Sequence) {
        throw new CertificateParsingException("signed fields invalid");
    }

    // The signature is only stored here; nothing in this method verifies it,
    // so a successful parse says nothing about the certificate's authenticity.
    algId = AlgorithmId.parse(sigAlg);
    signature = sigBits.getBitString();

    // Neither the algorithm id nor the bit string may carry unread bytes.
    if (sigAlg.data.available() != 0) {
        throw new CertificateParsingException("algid field overrun");
    }
    if (sigBits.data.available() != 0) {
        throw new CertificateParsingException("signed fields overrun");
    }

    // Build the CertificateInfo from the to-be-signed part unless one is
    // already present.
    if (info != null) {
        return;
    }
    info = new X509CertInfo(tbsCert);
}
Also used : CertificateParsingException(java.security.cert.CertificateParsingException) DerValue(org.mozilla.jss.netscape.security.util.DerValue)

Example 7 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class SubjectDirAttributesExtension method decodeThis.

// Decode this extension value
/**
 * Fills the attribute list from a DER value that must be a non-empty
 * SEQUENCE; every element of the sequence is decoded as one Attribute.
 *
 * @param derVal the DER value holding the extension content.
 * @exception IOException if the tag is not SEQUENCE, the sequence is empty,
 *            or an element cannot be read.
 */
private void decodeThis(DerValue derVal) throws IOException {
    final boolean isSequence = derVal.tag == DerValue.tag_Sequence;
    if (!isSequence) {
        throw new IOException("Invalid encoding for " + "Subject Directory Attribute extension.");
    }
    if (derVal.data.available() == 0) {
        throw new IOException(NAME + " No data available in " + "passed DER encoded value.");
    }
    // At least one byte is available at this point, so the body runs once
    // before the remaining-length test. The loop ends only when the sequence
    // content is exhausted; there is no separate cap on the attribute count.
    do {
        attrList.addElement(new Attribute(derVal.data.getDerValue()));
    } while (derVal.data.available() != 0);
}
Also used : DerValue(org.mozilla.jss.netscape.security.util.DerValue) IOException(java.io.IOException)

Example 8 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class SubjectDirAttributesExtension method decode.

/**
 * Decode the extension from the InputStream.
 *
 * @param in the InputStream to unmarshal the contents from.
 * @exception IOException on decoding or validity errors.
 */
@Override
public void decode(InputStream in) throws IOException {
    // Read one DER value from the stream and hand it to decodeThis, which
    // checks the SEQUENCE tag and rejects empty content.
    // NOTE(review): nothing here looks at bytes remaining in `in` after that
    // value -- confirm whether DerValue(InputStream) or the caller handles it.
    decodeThis(new DerValue(in));
}
Also used : DerValue(org.mozilla.jss.netscape.security.util.DerValue)

Example 9 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class PKCS8Key method decode.

/**
 * Initialize a PKCS8Key object from an input stream. The data
 * on that input stream must be encoded using DER, obeying the
 * PKCS#8 format: a sequence consisting of a version, an algorithm
 * ID and a bit string which holds the key. (That bit string is
 * often used to encapsulate another DER encoded sequence.)
 *
 * <P>
 * Subclasses should not normally redefine this method; they should instead provide a <code>parseKeyBits</code>
 * method to parse any fields inside the <code>key</code> member.
 *
 * @param in an input stream with a DER-encoded PKCS#8
 *            SubjectPublicKeyInfo value
 *
 * @exception InvalidKeyException if a parsing error occurs.
 */
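public void decode(InputStream in) throws InvalidKeyException {
    try {
        // The outer value must be a SEQUENCE: version, algorithm id, key.
        DerValue val = new DerValue(in);
        if (val.tag != DerValue.tag_Sequence) {
            throw new InvalidKeyException("invalid key format");
        }

        // Only the single supported version is accepted.
        BigInteger version = val.data.getInteger().toBigInteger();
        if (!version.equals(PKCS8Key.VERSION)) {
            throw new IOException("version mismatch: (supported: " + PKCS8Key.VERSION + ", parsed: " + version + ")");
        }

        algid = AlgorithmId.parse(val.data.getDerValue());
        // The key material is read as an OCTET STRING and then handed to
        // parseKeyBits() for algorithm-specific parsing.
        key = val.data.getOctetString();
        parseKeyBits();

        // Trailing bytes inside the sequence are treated as a malformed key.
        // NOTE(review): algid and key are already assigned when this check
        // (or parseKeyBits) fails -- confirm callers drop the object on error.
        if (val.data.available() != 0) {
            throw new InvalidKeyException("excess key data");
        }
    } catch (IOException e) {
        // Keep the original exception as the cause so the decoding failure
        // can be diagnosed from the stack trace, not just from the message.
        throw new InvalidKeyException("IOException : " + e.getMessage(), e);
    }
}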
Also used : DerValue(org.mozilla.jss.netscape.security.util.DerValue) BigInteger(java.math.BigInteger) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException)

Example 10 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class PKCS7 method encodeSignedData.

/**
 * Encodes the signed data to a DerOutputStream.
 *
 * @param out the DerOutputStream to write the encoded data to.
 * @exception IOException on encoding errors.
 */
public void encodeSignedData(DerOutputStream out, boolean sort) throws IOException {
    // Fields are written in this order: version, digest algorithm ids,
    // content info, certificates, signer infos. No CRLs are written
    // (OPTIONAL field).
    final DerOutputStream body = new DerOutputStream();
    body.putInteger(version);
    body.putOrderedSetOf(DerValue.tag_Set, digestAlgorithmIds);
    contentInfo.encode(body);

    // The set writers take DerEncoder elements, which X509CertImpl
    // implements, so every certificate is narrowed to that class. Any other
    // certificate type is reported as an IOException.
    final X509CertImpl[] encodable = new X509CertImpl[certificates.length];
    try {
        for (int idx = 0; idx < encodable.length; idx++) {
            encodable[idx] = (X509CertImpl) certificates[idx];
        }
    } catch (ClassCastException e) {
        throw new IOException("Certificates in PKCS7 must be of class " + "org.mozilla.jss.netscape.security.X509CertImpl: " + e.getMessage(), e);
    }

    // Certificates go under tag byte 0xA0. `sort` selects putOrderedSetOf
    // over putSet; presumably the latter keeps the caller's order -- confirm
    // against DerOutputStream.
    if (!sort) {
        body.putSet((byte) 0xA0, encodable);
    } else {
        body.putOrderedSetOf((byte) 0xA0, encodable);
    }

    body.putOrderedSetOf(DerValue.tag_Set, signerInfos);

    // Wrap the accumulated bytes as a SEQUENCE, place it in a ContentInfo
    // carrying the signed-data OID, and write that to the caller's stream.
    final DerValue wrapped = new DerValue(DerValue.tag_Sequence, body.toByteArray());
    new ContentInfo(ContentInfo.SIGNED_DATA_OID, wrapped).encode(out);
}
Also used : DerOutputStream(org.mozilla.jss.netscape.security.util.DerOutputStream) X509CertImpl(org.mozilla.jss.netscape.security.x509.X509CertImpl) DerValue(org.mozilla.jss.netscape.security.util.DerValue) IOException(java.io.IOException)

Aggregations

DerValue (org.mozilla.jss.netscape.security.util.DerValue)70 IOException (java.io.IOException)31 DerInputStream (org.mozilla.jss.netscape.security.util.DerInputStream)20 DerOutputStream (org.mozilla.jss.netscape.security.util.DerOutputStream)8 ObjectIdentifier (org.mozilla.jss.netscape.security.util.ObjectIdentifier)8 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 ByteBuffer (java.nio.ByteBuffer)4 CharBuffer (java.nio.CharBuffer)4 CharacterCodingException (java.nio.charset.CharacterCodingException)4 CharsetEncoder (java.nio.charset.CharsetEncoder)4 MessageDigest (java.security.MessageDigest)4 CRLException (java.security.cert.CRLException)4 BitArray (org.mozilla.jss.netscape.security.util.BitArray)4 AuthorityKeyIdentifierExtension (org.mozilla.jss.netscape.security.x509.AuthorityKeyIdentifierExtension)4 KeyIdentifier (org.mozilla.jss.netscape.security.x509.KeyIdentifier)4 ByteArrayOutputStream (java.io.ByteArrayOutputStream)3 InvalidKeyException (java.security.InvalidKeyException)3 BigInt (org.mozilla.jss.netscape.security.util.BigInt)3 GeneralName (org.mozilla.jss.netscape.security.x509.GeneralName)3 CertificateException (java.security.cert.CertificateException)2