
Example 1 with ObjectIdentifier

use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.

the class BigObjectIdentifier method main.

/**
 * Demo driver: builds ObjectIdentifier instances through each construction path
 * (dotted string, DER decoding, static factory, long[], int[] and BigInteger[]
 * component lists) and prints every result.
 *
 * <p>The dotted string and the BigInteger list contain an arc far larger than a
 * {@code long} can hold, and the long list contains an arc larger than an
 * {@code int}. The component lists describe different OIDs from the dotted
 * string, so only the DER round trip and the static factory are expected to
 * print the same value as {@code oid}.
 *
 * @param args unused
 * @throws Exception if any construction, encoding or decoding step fails
 */
public static void main(String[] args) throws Exception {
    final String oidIn = "1.3.6.1.4.1.2312.9.1.152691330062899999999999997777788888888888888889999999999999999.1";

    // Path 1: parse the dotted-decimal text form.
    ObjectIdentifier oid = new ObjectIdentifier(oidIn);
    System.out.println("oid: " + oid);

    // Path 2: DER-encode the parsed OID and decode it again.
    DerOutputStream encoded = new DerOutputStream();
    oid.encode(encoded);
    ObjectIdentifier fromDer = new ObjectIdentifier(new DerInputStream(encoded.toByteArray()));
    System.out.println("fromDer: " + fromDer);

    // Path 3: static factory on the same dotted text.
    ObjectIdentifier fromStaticMethod = ObjectIdentifier.getObjectIdentifier(oidIn);
    System.out.println("fromStaticMethod: " + fromStaticMethod);

    // Path 4: long components, one of which does not fit in an int.
    long[] longArcs = { 1L, 3L, 6L, 1L, 4L, 1L, 5000L, 9L, 1L, 1L, 1526913300628L, 1L };
    ObjectIdentifier fromComponentList = new ObjectIdentifier(longArcs);
    System.out.println("fromComponentList: " + fromComponentList);

    // Path 5: plain int components.
    int[] intArcs = { 1, 3, 6, 1, 4, 1, 2312, 9, 1, 1, 15269, 1, 1 };
    ObjectIdentifier fromComponentListInt = new ObjectIdentifier(intArcs);
    System.out.println("fromComponentListInt: " + fromComponentListInt);

    // Path 6: BigInteger components, including the arc that exceeds a long.
    BigInteger[] bigArcs = {
        BigInteger.ONE,
        BigInteger.valueOf(3),
        BigInteger.valueOf(6),
        BigInteger.ONE,
        BigInteger.valueOf(4),
        BigInteger.ONE,
        BigInteger.valueOf(2312),
        BigInteger.valueOf(9),
        BigInteger.ONE,
        new BigInteger("152691330062899999999999997777788888888888888889999999999999999"),
        BigInteger.ONE
    };
    ObjectIdentifier fromComponentListBigInt = new ObjectIdentifier(bigArcs);
    System.out.println("fromComponentListBigInt: " + fromComponentListBigInt);
}
Also used : DerOutputStream(org.mozilla.jss.netscape.security.util.DerOutputStream) BigInteger(java.math.BigInteger) DerInputStream(org.mozilla.jss.netscape.security.util.DerInputStream) ObjectIdentifier(org.mozilla.jss.netscape.security.util.ObjectIdentifier)

Example 2 with ObjectIdentifier

use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.

the class X500NameAttrMap method addNameOID.

// 
// public add methods.
// 
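/**
 * Adds an attribute name, ObjectIdentifier, AVAValueConverter entry
 * to the map.
 *
 * <p>The name is upper-cased before both the duplicate lookup and the insert.
 * Looking up the raw name while storing the upper-cased one would let a
 * registration that differs only in case skip the conflict check and silently
 * replace the OID an existing keyword resolves to.
 *
 * <p>Re-registering an identical name/OID/converter-class triple is a no-op.
 *
 * @param name An attribute name (string of ascii chars)
 * @param oid The ObjectIdentifier for the attribute.
 * @param valueConverter An AVAValueConverter object for converting
 *            a value for this attribute from a string to
 *            a DerValue and vice versa.
 * @throws IllegalArgumentException if the name is already registered with a
 *             different OID or with a converter of a different class.
 */
public void addNameOID(String name, ObjectIdentifier oid, AVAValueConverter valueConverter) {
    // Normalize once so that lookup and insert use the same key.
    // NOTE(review): toUpperCase() is locale-sensitive; it is kept as-is so the key
    // form stays the same as before - confirm how the lookup methods normalize
    // before switching to a fixed locale.
    String keyword = name.toUpperCase();

    ObjectIdentifier registeredOid = name2OID.get(keyword);
    if (registeredOid != null) {
        Class<? extends AVAValueConverter> registeredConverter =
                oid2ValueConverter.get(registeredOid).getClass();
        // Same keyword must keep the same OID and the same converter class.
        if (!registeredOid.equals(oid) || registeredConverter != valueConverter.getClass()) {
            throw new IllegalArgumentException(
                    "Another keyword-oid-valueConverter triple already exists in the X500NameAttrMap ");
        }
        return;
    }

    name2OID.put(keyword, oid);
    oid2Name.put(oid, keyword);
    oid2ValueConverter.put(oid, valueConverter);
}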
Also used : ObjectIdentifier(org.mozilla.jss.netscape.security.util.ObjectIdentifier)

Example 3 with ObjectIdentifier

use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.

the class X509CertImpl method getExtension.

/**
 * Looks up a certificate extension by its dotted-decimal OID.
 *
 * <p>Every failure is folded into a {@code null} return: no extensions block,
 * no matching extension, an OID string that cannot be parsed, or any other
 * exception raised while reading the certificate info. Callers therefore cannot
 * tell "extension absent" from "lookup failed", and should not treat
 * {@code null} as proof that the certificate carries no such extension.
 *
 * @param oid dotted-decimal object identifier of the wanted extension
 * @return the first extension whose id equals {@code oid}, or {@code null}
 */
public Extension getExtension(String oid) {
    try {
        CertificateExtensions allExtensions =
                (CertificateExtensions) info.get(CertificateExtensions.NAME);
        if (allExtensions == null) {
            return null;
        }
        ObjectIdentifier wanted = new ObjectIdentifier(oid);
        Enumeration<Extension> remaining = allExtensions.getAttributes();
        while (remaining.hasMoreElements()) {
            Extension candidate = remaining.nextElement();
            ObjectIdentifier candidateId = candidate.getExtensionId();
            if (candidateId.equals(wanted)) {
                return candidate;
            }
        }
    } catch (Exception ignored) {
        // Deliberately swallowed: any failure is reported as "not found" below.
    }
    return null;
}
Also used : CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertificateParsingException(java.security.cert.CertificateParsingException) CertificateExpiredException(java.security.cert.CertificateExpiredException) SignatureException(java.security.SignatureException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException) CertificateEncodingException(java.security.cert.CertificateEncodingException) ObjectIdentifier(org.mozilla.jss.netscape.security.util.ObjectIdentifier)

Example 4 with ObjectIdentifier

use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.

the class X509CertImpl method getKeyUsage.

/**
 * Get a boolean array representing the bits of the KeyUsage extension,
 * (oid = 2.5.29.15).
 *
 * <p>Returns {@code null} when the OID has no registered alias, when the
 * certificate has no such extension, and also when any exception is thrown
 * while resolving or reading it. A failed read is therefore indistinguishable
 * from a certificate without a KeyUsage extension; code that enforces key
 * usage should keep that in mind when it sees {@code null}.
 *
 * @return the bit values of this extension as an array of booleans,
 *         or {@code null} as described above.
 */
@Override
public boolean[] getKeyUsage() {
    try {
        ObjectIdentifier keyUsageOid = new ObjectIdentifier(KEY_USAGE_OID);
        String alias = OIDMap.getName(keyUsageOid);
        if (alias != null) {
            KeyUsageExtension keyUsage = (KeyUsageExtension) this.get(alias);
            if (keyUsage != null) {
                return keyUsage.getBits();
            }
        }
        return null;
    } catch (Exception e) {
        // Any failure is reported the same way as a missing extension.
        return null;
    }
}
Also used : CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertificateParsingException(java.security.cert.CertificateParsingException) CertificateExpiredException(java.security.cert.CertificateExpiredException) SignatureException(java.security.SignatureException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException) CertificateEncodingException(java.security.cert.CertificateEncodingException) ObjectIdentifier(org.mozilla.jss.netscape.security.util.ObjectIdentifier)

Example 5 with ObjectIdentifier

use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.

the class SignerInfo method verify.

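/**
 * Verifies this SignerInfo against a PKCS#7 block.
 *
 * <p>When authenticated attributes are present, the content-type attribute must
 * equal the block's content type and the message-digest attribute must equal
 * the digest of {@code data}; the signature is then checked over the DER
 * encoding of the authenticated attributes. Without authenticated attributes
 * the signature is checked over {@code data} directly.
 *
 * <p>This method only checks the signature with the public key of the
 * certificate returned by {@code getCertificate(block)}; it performs no chain,
 * validity or trust checks on that certificate itself.
 *
 * @param block the PKCS#7 block that holds the content and the certificates
 * @param data the signed data, or {@code null} to use the content bytes of
 *            {@code block}
 * @return this SignerInfo if verification succeeds, {@code null} if it fails
 *         (attribute mismatch, no signer certificate, or bad signature)
 * @throws NoSuchAlgorithmException if the digest or signature algorithm is
 *             not available
 * @throws SignatureException if the signature cannot be processed, or on an
 *             I/O or key error (the original exception is kept as the cause)
 */
SignerInfo verify(PKCS7 block, byte[] data) throws NoSuchAlgorithmException, SignatureException {
    try {
        ContentInfo content = block.getContentInfo();
        if (data == null) {
            data = content.getContentBytes();
        }
        String digestAlgname = getDigestAlgorithmId().getName();
        byte[] dataSigned;
        if (authenticatedAttributes == null) {
            // No authenticated attributes: the signature covers the data itself.
            dataSigned = data;
        } else {
            // First, check content type.
            ObjectIdentifier contentType = (ObjectIdentifier) authenticatedAttributes
                    .getAttributeValue(PKCS9Attribute.CONTENT_TYPE_OID);
            if (contentType == null || !contentType.equals(content.contentType)) {
                // contentType does not match, bad SignerInfo
                return null;
            }
            // Now, check message digest; fail if there is no message digest.
            byte[] messageDigest = (byte[]) authenticatedAttributes
                    .getAttributeValue(PKCS9Attribute.MESSAGE_DIGEST_OID);
            if (messageDigest == null) {
                return null;
            }
            MessageDigest md = MessageDigest.getInstance(digestAlgname);
            byte[] computedMessageDigest = md.digest(data);
            // Library comparison replaces the hand-written length check and byte loop.
            if (!MessageDigest.isEqual(messageDigest, computedMessageDigest)) {
                return null;
            }
            // The message digest attribute matched the digest of the original
            // data. The data actually signed is the DER encoding of the
            // authenticated attributes (tagged with the "SET OF" tag, not 0xA0).
            dataSigned = authenticatedAttributes.getDerEncoding();
        }
        // Put together digest algorithm and encryption algorithm
        // to form the signing algorithm.
        String encryptionAlgname = getDigestEncryptionAlgorithmId().getName();
        String algname;
        if (encryptionAlgname.equals("DSA") || encryptionAlgname.equals("SHA1withDSA")) {
            // NOTE(review): the digest algorithm name is not part of the Signature
            // name in this branch; which digest "DSA" selects depends on the
            // provider - confirm it matches digestAlgname.
            algname = "DSA";
        } else {
            algname = digestAlgname + "/" + encryptionAlgname;
        }
        Signature sig = Signature.getInstance(algname);
        X509Certificate cert = getCertificate(block);
        if (cert == null) {
            // No certificate for this signer in the block: cannot verify.
            return null;
        }
        PublicKey key = cert.getPublicKey();
        sig.initVerify(key);
        sig.update(dataSigned);
        if (sig.verify(encryptedDigest)) {
            return this;
        }
    } catch (IOException e) {
        // Keep the cause so the failing decode step stays visible to callers.
        throw new SignatureException("IO error verifying signature:\n" + e.getMessage(), e);
    } catch (InvalidKeyException e) {
        throw new SignatureException("InvalidKey: " + e.getMessage(), e);
    }
    return null;
}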
Also used : PublicKey(java.security.PublicKey) Signature(java.security.Signature) IOException(java.io.IOException) SignatureException(java.security.SignatureException) MessageDigest(java.security.MessageDigest) InvalidKeyException(java.security.InvalidKeyException) X509Certificate(java.security.cert.X509Certificate) ObjectIdentifier(org.mozilla.jss.netscape.security.util.ObjectIdentifier)
