use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.
the class PKCS9Attribute method derEncode.
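/**
 * Write the DER encoding of this attribute to an output stream.
 *
 * <P>
 * The attribute is written as a SEQUENCE that holds the attribute OID followed by the
 * encoded value; the value encoding is chosen from {@code index}.
 *
 * <P>
 * N.B.: This method always encodes values of ChallengePassword and UnstructuredAddress attributes as ASN.1
 * <code>PrintableString</code>s, without checking whether they should be encoded as <code>T61String</code>s.
 *
 * @param out the stream that receives the encoded attribute
 * @throws IOException if the attribute type is not supported or the value cannot be encoded
 */
@Override
public void derEncode(OutputStream out) throws IOException {
    try (DerOutputStream temp = new DerOutputStream();
            DerOutputStream temp2 = new DerOutputStream();
            DerOutputStream derOut = new DerOutputStream()) {
        temp.putOID(getOID());
        switch (index) {
            case 1: // email address
            case 2: // unstructured name
            {
                String[] values = (String[]) value;
                DerOutputStream[] temps = new DerOutputStream[values.length];
                for (int i = 0; i < values.length; i++) {
                    temps[i] = new DerOutputStream();
                    temps[i].putIA5String(values[i]);
                }
                temp.putOrderedSetOf(DerValue.tag_Set, temps);
                break;
            }
            case 3: // content type
                temp2.putOID((ObjectIdentifier) value);
                temp.write(DerValue.tag_Set, temp2.toByteArray());
                break;
            case 4: // message digest
                temp2.putOctetString((byte[]) value);
                temp.write(DerValue.tag_Set, temp2.toByteArray());
                break;
            case 5: // signing time
                temp2.putUTCTime((Date) value);
                temp.write(DerValue.tag_Set, temp2.toByteArray());
                break;
            case 6: // countersignature
                temp.putOrderedSetOf(DerValue.tag_Set, (DerEncoder[]) value);
                break;
            case 7: // challenge password
                // The string is written as PrintableString with no character-set check in this method.
                temp2.putPrintableString((String) value);
                temp.write(DerValue.tag_Set, temp2.toByteArray());
                break;
            case 8: // unstructured address
            {
                String[] values = (String[]) value;
                DerOutputStream[] temps = new DerOutputStream[values.length];
                for (int i = 0; i < values.length; i++) {
                    temps[i] = new DerOutputStream();
                    temps[i].putPrintableString(values[i]);
                }
                temp.putOrderedSetOf(DerValue.tag_Set, temps);
                break;
            }
            case 9: // extended-certificate attribute -- not supported
                throw new IOException("PKCS9 extended-certificate attribute not supported.");
            case 10: // IssuerAndSerialNumber attribute -- not supported
                throw new IOException("PKCS9 IssuerAndSerialNumber attribute not supported.");
            case 11: // passwordCheck attribute -- not supported
                throw new IOException("PKCS9 passwordCheck attribute not supported.");
            case 12: // PublicKey attribute -- not supported
                throw new IOException("PKCS9 PublicKey attribute not supported.");
            case 13: // SigningDescription attribute -- not supported
                throw new IOException("PKCS9 SigningDescription attribute not supported.");
            case 14: // ExtensionRequest attribute
                try {
                    ((CertificateExtensions) value).encode(temp2);
                    // NOTE(review): this is the only case that wraps the value with tag_Sequence;
                    // every other case uses tag_Set, and decode() reads the value through getSet().
                    // Confirm the two sides round-trip.
                    temp.write(DerValue.tag_Sequence, temp2.toByteArray());
                } catch (CertificateException e) {
                    // Keep the cause so the underlying encoding failure stays diagnosable.
                    throw new IOException("PKCS9 extension attributes not encoded", e);
                }
                break;
            default:
                // can't happen; note that only the OID is written if it ever does
        }
        derOut.write(DerValue.tag_Sequence, temp.toByteArray());
        out.write(derOut.toByteArray());
    }
}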
use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.
the class PKCS9Attribute method decode.
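/**
 * Decode a PKCS9 attribute.
 *
 * <P>
 * The input must be a two-element SEQUENCE: the attribute OID followed by the SET of
 * values. The OID selects {@code index}; the number of values and their tags are checked
 * against {@code SINGLE_VALUED} and {@code PKCS9_VALUE_TAGS} before the value is parsed.
 *
 * @param derVal
 *            the DerValue representing the DER encoding of the attribute.
 * @throws IOException
 *             if the encoding is malformed, the OID is unknown, the value set is empty
 *             where a value is required, or the attribute type is not supported.
 */
private void decode(DerValue derVal) throws IOException {
    DerInputStream derIn = new DerInputStream(derVal.toByteArray());
    DerValue[] val = derIn.getSequence(2);
    if (derIn.available() != 0) {
        throw new IOException("Excess data parsing PKCS9Attribute");
    }
    if (val.length != 2) {
        throw new IOException("PKCS9Attribute doesn't have two components");
    }

    // get the oid
    ObjectIdentifier oid = val[0].getOID();
    index = indexOf(oid, PKCS9_OIDS, 1);
    if (index == -1) {
        throw new IOException("Invalid OID for PKCS9 attribute: " + oid);
    }
    DerValue[] elems = new DerInputStream(val[1].toByteArray()).getSet(1);

    // check single valued have only one value
    if (SINGLE_VALUED[index] && elems.length > 1) {
        throwSingleValuedException();
    }

    // check for illegal element tags
    for (int i = 0; i < elems.length; i++) {
        Byte tag = Byte.valueOf(elems[i].tag);
        if (indexOf(tag, PKCS9_VALUE_TAGS[index], 0) == -1) {
            throwTagException(tag);
        }
    }

    // Cases 3, 4, 5, 7 and 14 read elems[0]. Reject an empty value set here so that
    // malformed input is reported as IOException instead of escaping as an
    // ArrayIndexOutOfBoundsException (assumes getSet can return an empty array; not visible here).
    boolean readsFirstElement = index == 3 || index == 4 || index == 5 || index == 7 || index == 14;
    if (readsFirstElement && elems.length == 0) {
        throw new IOException("PKCS9Attribute value set is empty");
    }

    switch (index) {
        case 1: // email address
        case 2: // unstructured name
        case 8: // unstructured address
        {
            String[] values = new String[elems.length];
            for (int i = 0; i < elems.length; i++) {
                values[i] = elems[i].getAsString();
            }
            value = values;
            break;
        }
        case 3: // content type
            value = elems[0].getOID();
            break;
        case 4: // message digest
            value = elems[0].getOctetString();
            break;
        case 5: // signing time
            value = (new DerInputStream(elems[0].toByteArray())).getUTCTime();
            break;
        case 6: // countersignature
        {
            SignerInfo[] values = new SignerInfo[elems.length];
            for (int i = 0; i < elems.length; i++) {
                values[i] = new SignerInfo(elems[i].toDerInputStream());
            }
            value = values;
            break;
        }
        case 7: // challenge password
            value = elems[0].getAsString();
            break;
        case 9: // extended-certificate attribute -- not supported
            throw new IOException("PKCS9 extended-certificate attribute not supported.");
        case 10: // IssuerAndSerialNumber attribute -- not supported
            throw new IOException("PKCS9 IssuerAndSerialNumber attribute not supported.");
        case 11: // passwordCheck attribute -- not supported
            throw new IOException("PKCS9 passwordCheck attribute not supported.");
        case 12: // PublicKey attribute -- not supported
            throw new IOException("PKCS9 PublicKey attribute not supported.");
        case 13: // SigningDescription attribute -- not supported
            throw new IOException("PKCS9 SigningDescription attribute not supported.");
        case 14: // ExtensionRequest attribute
            value = new CertificateExtensions(elems[0].toDerInputStream());
            break;
        default:
            // can't happen
    }
}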
use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.
the class ExtendedKeyUsageExtension method encodeExtValue.
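/**
 * Rebuilds {@code extensionValue} as a DER SEQUENCE of the OIDs held in {@code oidSet}.
 *
 * <p>Encoding failures are propagated to the caller. Swallowing them would leave
 * {@code extensionValue} holding a truncated or empty key-purpose list with no sign
 * that anything went wrong.
 *
 * @throws IOException if an OID or the enclosing sequence cannot be encoded; in that
 *         case {@code extensionValue} is left unchanged
 */
private void encodeExtValue() throws IOException {
    try (DerOutputStream out = new DerOutputStream();
            DerOutputStream temp = new DerOutputStream()) {
        // An empty oidSet yields no elements, so the result is an empty SEQUENCE.
        Enumeration<ObjectIdentifier> oidList = oidSet.elements();
        while (oidList.hasMoreElements()) {
            temp.putOID(oidList.nextElement());
        }
        out.write(DerValue.tag_Sequence, temp);
        // Assign only after the whole value encoded successfully.
        extensionValue = out.toByteArray();
    }
}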
use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.
the class LdapV3DNStrConverter method encodeAVA.
/**
 * Renders an AVA as an LDAP v3 DN component of the form {@code keyword=value}
 * (except in unicode).
 *
 * <p>This method only joins the two parts. Any escaping of the value is whatever
 * {@code encodeValue} produces; nothing is escaped here.
 *
 * @param ava an AVA; {@code null} yields the empty string
 *
 * @return a Ldap v3 DN string (except in unicode).
 *
 * @exception IOException If an error is encountered during conversion.
 */
@Override
public String encodeAVA(AVA ava) throws IOException {
    if (ava != null) {
        final ObjectIdentifier attrType = ava.getOid();
        final DerValue attrValue = ava.getValue();
        // attribute name first, then its value
        final StringBuilder rendered = new StringBuilder(encodeOID(attrType));
        rendered.append("=").append(encodeValue(attrValue, attrType));
        return rendered.toString();
    }
    return "";
}
use of org.mozilla.jss.netscape.security.util.ObjectIdentifier in project jss by dogtagpki.
the class OIDMap method loadNames.
// Fill the name -> OID and OID -> name tables, either from the properties file
// returned by certificatePropFile(EXTENSIONS_OIDS) or, when that file is missing or
// unreadable, from loadNamesDefault.
// The file content is used as-is: each property value is handed straight to the
// ObjectIdentifier constructor, and a later entry with the same name or OID replaces
// an earlier one in the corresponding table.
private static void loadNames() {
    final Properties mapping = new Properties();
    final File source = certificatePropFile(EXTENSIONS_OIDS);
    if (source.exists()) {
        FileInputStream in = null;
        try {
            in = new FileInputStream(source);
            mapping.load(in);
        } catch (IOException e) {
            // Fall back to the defaults when the file cannot be opened or read.
            loadNamesDefault(mapping);
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
        }
    } else {
        loadNamesDefault(mapping);
    }
    for (String name : mapping.stringPropertyNames()) {
        final ObjectIdentifier oid = new ObjectIdentifier(mapping.getProperty(name));
        name2OID.put(name, oid);
        oid2Name.put(oid, name);
    }
}