
Example 11 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class PKCS7 method parseSignedData.

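/**
 * Parses the content of a PKCS #7 SignedData value into this object's fields.
 *
 * <p>Elements are read in order: version, digestAlgorithmIds, contentInfo, the optional
 * certificates (tag 0xA0), the optional crls (tag 0xA1) and signerInfos.
 *
 * <p>This method only decodes. Certificates carried in the message are stored as parsed;
 * nothing here validates them or chains them to a trust anchor, and a CRL set, when
 * present, is read and discarded. Callers must not treat the parsed certificates as trusted.
 *
 * @param val the DER value holding the SignedData content
 * @throws ParsingException if a digest algorithm identifier or a certificate cannot be decoded
 * @throws IOException if the underlying DER readers fail on any other element
 */
private void parseSignedData(DerValue val) throws ParsingException, IOException {
    DerInputStream dis = val.toDerInputStream();

    // Version
    version = dis.getInteger();

    // digestAlgorithmIds
    DerValue[] digestAlgorithmIdVals = dis.getSet(1);
    digestAlgorithmIds = new AlgorithmId[digestAlgorithmIdVals.length];
    try {
        for (int i = 0; i < digestAlgorithmIdVals.length; i++) {
            digestAlgorithmIds[i] = AlgorithmId.parse(digestAlgorithmIdVals[i]);
        }
    } catch (IOException e) {
        ParsingException pe = new ParsingException("Error parsing digest AlgorithmId IDs: " + e.getMessage());
        // Keep the underlying decoding error attached so the root cause is not lost.
        pe.initCause(e);
        throw pe;
    }

    // contentInfo
    contentInfo = new ContentInfo(dis);

    // certificates are OPTIONAL and carry an implicit tag (0xA0)
    if ((byte) (dis.peekByte()) == (byte) 0xA0) {
        DerValue[] certificateVals = dis.getSet(2, true);
        certificates = new X509Certificate[certificateVals.length];
        for (int i = 0; i < certificateVals.length; i++) {
            try {
                // Decoding only: the certificate is not verified at this point.
                certificates[i] = new X509CertImpl(certificateVals[i]);
            } catch (CertificateException e) {
                ParsingException pe = new ParsingException("CertificateException: " + e.getMessage());
                pe.initCause(e);
                throw pe;
            }
        }
    }

    // crls are OPTIONAL and carry an implicit tag (0xA1); the set is consumed so the
    // stream advances, but its contents are not kept.
    if ((byte) (dis.peekByte()) == (byte) 0xA1) {
        dis.getSet(0, true);
    }

    // signerInfos
    DerValue[] signerInfoVals = dis.getSet(1);
    signerInfos = new SignerInfo[signerInfoVals.length];
    for (int i = 0; i < signerInfoVals.length; i++) {
        signerInfos[i] = new SignerInfo(signerInfoVals[i].toDerInputStream());
    }
}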
Also used : DerValue(org.mozilla.jss.netscape.security.util.DerValue) X509CertImpl(org.mozilla.jss.netscape.security.x509.X509CertImpl) DerInputStream(org.mozilla.jss.netscape.security.util.DerInputStream) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) X509Certificate(java.security.cert.X509Certificate)

Example 12 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class PKCS9Attribute method decode.

/**
 * Decode a PKCS9 attribute.
 *
 * @param derVal
 *            the DerValue representing the DER encoding of the attribute.
 */
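private void decode(DerValue derVal) throws IOException {
    // Expected layout: SEQUENCE { attribute OID, SET OF values }. The OID selects an
    // index into the PKCS9_* tables, which then drive the value checks and decoding.
    DerInputStream derIn = new DerInputStream(derVal.toByteArray());
    DerValue[] val = derIn.getSequence(2);
    if (derIn.available() != 0) {
        throw new IOException("Excess data parsing PKCS9Attribute");
    }
    if (val.length != 2) {
        throw new IOException("PKCS9Attribute doesn't have two components");
    }

    // get the oid
    ObjectIdentifier oid = val[0].getOID();
    index = indexOf(oid, PKCS9_OIDS, 1);
    if (index == -1) {
        throw new IOException("Invalid OID for PKCS9 attribute: " + oid);
    }

    DerValue[] elems = new DerInputStream(val[1].toByteArray()).getSet(1);

    // check single valued have only one value
    if (SINGLE_VALUED[index] && elems.length > 1) {
        throwSingleValuedException();
    }

    // check for illegal element tags
    for (DerValue elem : elems) {
        Byte tag = Byte.valueOf(elem.tag);
        if (indexOf(tag, PKCS9_VALUE_TAGS[index], 0) == -1) {
            throwTagException(tag);
        }
    }

    // The attributes below read elems[0]. An encoded attribute whose value set is empty
    // must fail with the declared IOException, not an ArrayIndexOutOfBoundsException.
    boolean readsFirstValue = index == 3 || index == 4 || index == 5 || index == 7 || index == 14;
    if (readsFirstValue && elems.length == 0) {
        throw new IOException("PKCS9Attribute has no value");
    }

    switch (index) {
        case 1: // email address
        case 2: // unstructured name
        case 8: { // unstructured address
            String[] values = new String[elems.length];
            for (int i = 0; i < elems.length; i++) {
                values[i] = elems[i].getAsString();
            }
            value = values;
            break;
        }
        case 3: // content type
            value = elems[0].getOID();
            break;
        case 4: // message digest
            value = elems[0].getOctetString();
            break;
        case 5: // signing time
            value = (new DerInputStream(elems[0].toByteArray())).getUTCTime();
            break;
        case 6: { // countersignature
            SignerInfo[] values = new SignerInfo[elems.length];
            for (int i = 0; i < elems.length; i++) {
                values[i] = new SignerInfo(elems[i].toDerInputStream());
            }
            value = values;
            break;
        }
        case 7: // challenge password
            value = elems[0].getAsString();
            break;
        case 9: // extended-certificate attribute -- not supported
            throw new IOException("PKCS9 extended-certificate attribute not supported.");
        case 10: // IssuerAndSerialNumber attribute -- not supported
            throw new IOException("PKCS9 IssuerAndSerialNumber attribute not supported.");
        case 11: // passwordCheck attribute -- not supported
            throw new IOException("PKCS9 passwordCheck attribute not supported.");
        case 12: // PublicKey attribute -- not supported
            throw new IOException("PKCS9 PublicKey attribute not supported.");
        case 13: // SigningDescription attribute -- not supported
            throw new IOException("PKCS9 SigningDescription attribute not supported.");
        case 14: // ExtensionRequest attribute
            value = new CertificateExtensions(elems[0].toDerInputStream());
            break;
        default: // can't happen: index was checked against PKCS9_OIDS above
            break;
    }
}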
Also used : DerValue(org.mozilla.jss.netscape.security.util.DerValue) DerInputStream(org.mozilla.jss.netscape.security.util.DerInputStream) CertificateExtensions(org.mozilla.jss.netscape.security.x509.CertificateExtensions) IOException(java.io.IOException) ObjectIdentifier(org.mozilla.jss.netscape.security.util.ObjectIdentifier)

Example 13 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class RSAPublicKey method parseKeyBits.

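/**
 * Decodes the encoded key bits into the RSA modulus and public exponent.
 *
 * <p>The algorithm OID must equal {@code ALGORITHM_OID} or {@code AlgorithmId.RSA_oid}, and
 * the key bits must be a DER SEQUENCE whose first two elements are INTEGERs.
 *
 * <p>NOTE(review): data following the two INTEGERs inside the SEQUENCE is not rejected, and
 * the modulus and exponent are stored without any range check. Confirm whether callers
 * validate them before the key is used.
 *
 * @throws InvalidKeyException if the OID is not an RSA OID, the outer tag is not SEQUENCE,
 *         or the DER content cannot be read
 */
@Override
protected void parseKeyBits() throws InvalidKeyException {
    boolean isRsaOid = this.algid.getOID().equals(ALGORITHM_OID)
            || this.algid.getOID().equals(AlgorithmId.RSA_oid);
    if (!isRsaOid) {
        throw new InvalidKeyException("Key algorithm OID is not RSA");
    }

    try {
        DerValue val = new DerValue(key);
        if (val.tag != DerValue.tag_Sequence) {
            throw new InvalidKeyException("Invalid RSA public key format: must be a SEQUENCE");
        }

        DerInputStream in = val.data;
        this.modulus = in.getInteger();
        this.publicExponent = in.getInteger();
    } catch (IOException e) {
        // Chain the decoding error so the root cause stays visible to callers and logs.
        throw new InvalidKeyException("Invalid RSA public key: " + e.getMessage(), e);
    }
}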
Also used : DerValue(org.mozilla.jss.netscape.security.util.DerValue) DerInputStream(org.mozilla.jss.netscape.security.util.DerInputStream) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException)

Example 14 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class AlgIdDSA method initializeParams.

/*
     * For algorithm IDs which haven't been created from a DER encoded
     * value, "params" must be created.
     */
private void initializeParams() throws IOException {
    // Write p, q and g as three INTEGERs, in that order, then wrap the bytes in a SEQUENCE.
    try (DerOutputStream encoder = new DerOutputStream()) {
        BigInt pInt = new BigInt(p.toByteArray());
        encoder.putInteger(pInt);

        BigInt qInt = new BigInt(q.toByteArray());
        encoder.putInteger(qInt);

        BigInt gInt = new BigInt(g.toByteArray());
        encoder.putInteger(gInt);

        byte[] sequenceBody = encoder.toByteArray();
        params = new DerValue(DerValue.tag_Sequence, sequenceBody);
    }
}
Also used : DerOutputStream(org.mozilla.jss.netscape.security.util.DerOutputStream) DerValue(org.mozilla.jss.netscape.security.util.DerValue) BigInt(org.mozilla.jss.netscape.security.util.BigInt)

Example 15 with DerValue

use of org.mozilla.jss.netscape.security.util.DerValue in project jss by dogtagpki.

the class CRLExtensions method decode.

/**
 * Decode the extensions from the InputStream.
 *
 * @param in the InputStream to unmarshal the contents from.
 * @exception CRLException on decoding or validity errors.
 * @exception X509ExtensionException on extension handling errors.
 */
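public void decode(InputStream in) throws CRLException, X509ExtensionException {
    try {
        DerValue val = new DerValue(in);
        DerInputStream str = val.toDerInputStream();

        // The map is replaced before parsing starts. If a later extension fails to decode,
        // this object keeps the fresh map (presumably filled by parseExtension with the
        // extensions handled so far), not its previous contents.
        map = new Hashtable<>();

        // NOTE(review): the argument 5 looks like a size hint, not a limit. Confirm it.
        DerValue[] exts = str.getSequence(5);
        for (DerValue encodedExt : exts) {
            Extension ext = new Extension(encodedExt);
            parseExtension(ext);
        }
    } catch (IOException e) {
        // Chain the decoding failure so the root cause survives in logs and stack traces.
        throw new CRLException("Parsing error: " + e.toString(), e);
    }
}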
Also used : DerValue(org.mozilla.jss.netscape.security.util.DerValue) DerInputStream(org.mozilla.jss.netscape.security.util.DerInputStream) IOException(java.io.IOException) CRLException(java.security.cert.CRLException)
