use of org.openecard.bouncycastle.asn1.ASN1OctetString in project oxCore by GluuFederation.
the class OperationsFacade method search.
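/**
 * Runs an LDAP search under {@code dn}, optionally paging through the results with the
 * simple paged results control.
 *
 * <p>Paging is used when {@code searchLimit > 0}, {@code startIndex > 0} or {@code sizeLimit > 0}.
 * A positive {@code sizeLimit} replaces {@code searchLimit} as the page size and stops after the
 * first page. Otherwise pages are fetched until the server returns an empty cookie, and all
 * entries and references are merged into one {@link SearchResult} whose message id, result code,
 * diagnostic message, matched DN, referral URLs and response controls are taken from the first page.
 *
 * @param dn             base DN of the search
 * @param filter         search filter
 * @param scope          search scope, converted with {@code getLdapSearchScope()}
 * @param batchOperation optional batch context; when present its cookie and connection are used for
 *                       the paged requests and it is updated with the cookie of each page
 * @param startIndex     when positive, the paging cookie is first advanced via
 *                       {@code scrollSimplePagedResultsControl}
 * @param searchLimit    page size; 0 combined with a positive {@code startIndex} means 100
 * @param sizeLimit      when positive, fetch a single page of this many entries
 * @param controls       extra request controls, applied through {@code setControls}
 * @param attributes     attributes to return; {@code null} uses the request's default
 * @return the single-page result, or the merged result of all pages
 * @throws LDAPSearchException if the search fails or scrolling to {@code startIndex} fails
 */
public SearchResult search(String dn, Filter filter, SearchScope scope, BatchOperation<?> batchOperation, int startIndex, int searchLimit, int sizeLimit, Control[] controls, String... attributes) throws LDAPSearchException {
    SearchRequest searchRequest;

    if (log.isTraceEnabled()) {
        // Find whole tree search. The throwaway Exception is only there to put the caller's
        // stack trace into the log.
        if (StringHelper.equalsIgnoreCase(dn, "o=gluu")) {
            log.trace("Search in whole LDAP tree", new Exception());
        }
    }

    if (attributes == null) {
        searchRequest = new SearchRequest(dn, scope.getLdapSearchScope(), filter);
    } else {
        searchRequest = new SearchRequest(dn, scope.getLdapSearchScope(), filter, attributes);
    }

    boolean useSizeLimit = sizeLimit > 0;
    if (useSizeLimit) {
        // Use paged result to limit search
        searchLimit = sizeLimit;
    }

    SearchResult searchResult = null;
    List<SearchResult> searchResultList = new ArrayList<SearchResult>();
    List<SearchResultEntry> searchResultEntries = new ArrayList<SearchResultEntry>();
    List<SearchResultReference> searchResultReferences = new ArrayList<SearchResultReference>();

    if ((searchLimit > 0) || (startIndex > 0)) {
        if (searchLimit == 0) {
            // Default page size
            searchLimit = 100;
        }

        ASN1OctetString cookie = null;
        if (startIndex > 0) {
            try {
                cookie = scrollSimplePagedResultsControl(dn, filter, scope, controls, startIndex);
            } catch (InvalidSimplePageControlException ex) {
                throw new LDAPSearchException(ResultCode.OPERATIONS_ERROR, "Failed to scroll to specified startIndex", ex);
            }
        }

        // A batch operation carries its own cookie, which replaces the one obtained by scrolling.
        if (batchOperation != null) {
            cookie = batchOperation.getCookie();
        }

        do {
            searchRequest.setControls(new Control[] { new SimplePagedResultsControl(searchLimit, cookie) });
            setControls(searchRequest, controls);
            if (batchOperation != null) {
                searchResult = batchOperation.getLdapConnection().search(searchRequest);
            } else {
                searchResult = getConnectionPool().search(searchRequest);
            }

            searchResultList.add(searchResult);
            searchResultEntries.addAll(searchResult.getSearchEntries());
            searchResultReferences.addAll(searchResult.getSearchReferences());

            cookie = null;
            try {
                SimplePagedResultsControl c = SimplePagedResultsControl.get(searchResult);
                if (c != null) {
                    cookie = c.getCookie();
                    if (batchOperation != null) {
                        batchOperation.setCookie(cookie);
                        batchOperation.setMoreResultsToReturn(c.moreResultsToReturn());
                    }
                }
            } catch (LDAPException ex) {
                // Pass the exception itself so the stack trace reaches the log; concatenating only
                // getMessage() dropped it and ran the two texts together.
                // NOTE(review): the cookie stays null here, so paging stops and the caller gets the
                // entries collected so far with no indication that the result is truncated.
                log.error("Error while accessing cookies", ex);
            }

            if (useSizeLimit) {
                break;
            }
        } while ((cookie != null) && (cookie.getValueLength() > 0));

        // Merge all pages; everything except the entry/reference lists comes from the first page.
        SearchResult searchResultTemp = searchResultList.get(0);
        searchResult = new SearchResult(searchResultTemp.getMessageID(), searchResultTemp.getResultCode(), searchResultTemp.getDiagnosticMessage(), searchResultTemp.getMatchedDN(), searchResultTemp.getReferralURLs(), searchResultEntries, searchResultReferences, searchResultEntries.size(), searchResultReferences.size(), searchResultTemp.getResponseControls());
    } else {
        // NOTE(review): the unpaged path always goes through the connection pool, even when a
        // batchOperation with its own connection was supplied - confirm this is intended.
        setControls(searchRequest, controls);
        searchResult = getConnectionPool().search(searchRequest);
    }

    return searchResult;
}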
use of org.openecard.bouncycastle.asn1.ASN1OctetString in project nhin-d by DirectProject.
the class SigTest method testCreateVerifySig.
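/**
 * Signs the signable entity of a multipart MIME message with the "user1" certificate, then
 * re-parses the serialized multipart ten times and checks that every signer verifies against
 * that certificate.
 *
 * <p>Failures while building the part to sign or while verifying are allowed to propagate so
 * that they fail the test instead of being swallowed.
 *
 * @throws Exception on any set-up, signing, parsing or verification failure
 */
public void testCreateVerifySig() throws Exception {
    X509CertificateEx internalCert = TestUtils.getInternalCert("user1");
    // Loaded but not used below.
    X509Certificate caCert = TestUtils.getExternalCert("cacert");

    String testMessage = TestUtils.readResource("MultipartMimeMessage.txt");
    MimeMessage entity = EntitySerializer.Default.deserialize(testMessage);
    Message message = new Message(entity);
    MimeEntity entityToSig = message.extractEntityForSignature(true);

    // Serialize message out as ASCII encoded...
    byte[] messageBytes = EntitySerializer.Default.serializeToBytes(entityToSig);

    // No try/catch: a failure here should stop the test rather than leave partToSign null.
    MimeBodyPart partToSign = new MimeBodyPart(new ByteArrayInputStream(messageBytes));

    SMIMESignedGenerator gen = new SMIMESignedGenerator();
    ASN1EncodableVector signedAttrs = new ASN1EncodableVector();
    SMIMECapabilityVector caps = new SMIMECapabilityVector();

    // NOTE(review): 3DES, RC2, single DES and SHA-1 are legacy algorithms; they are left as-is
    // because this test pins the existing signing configuration - confirm against the agent's
    // current defaults before reusing these values elsewhere.
    caps.addCapability(SMIMECapability.dES_EDE3_CBC);
    caps.addCapability(SMIMECapability.rC2_CBC, 128);
    caps.addCapability(SMIMECapability.dES_CBC);
    caps.addCapability(new DERObjectIdentifier("1.2.840.113549.1.7.1"));
    caps.addCapability(PKCSObjectIdentifiers.x509Certificate);
    signedAttrs.add(new SMIMECapabilitiesAttribute(caps));

    List certList = new ArrayList();
    gen.addSigner(internalCert.getPrivateKey(), internalCert, SMIMESignedGenerator.DIGEST_SHA1, new AttributeTable(signedAttrs), null);
    certList.add(internalCert);

    CertStore certsAndcrls = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), CryptoExtensions.getJCEProviderName());
    gen.addCertificatesAndCRLs(certsAndcrls);
    _certStores.add(certsAndcrls);
    _signers.add(new Signer(internalCert.getPrivateKey(), internalCert, SMIMESignedGenerator.DIGEST_SHA1, new AttributeTable(signedAttrs), null));

    MimeMultipart retVal = generate(partToSign, CryptoExtensions.getJCEProviderName());

    for (int i = 0; i < 10; ++i) {
        ByteArrayOutputStream oStream = new ByteArrayOutputStream();
        retVal.writeTo(oStream);
        oStream.flush();
        byte[] serialzedBytes = oStream.toByteArray();

        ByteArrayDataSource dataSource = new ByteArrayDataSource(serialzedBytes, retVal.getContentType());
        MimeMultipart verifyMM = new MimeMultipart(dataSource);

        // The signature part comes from the re-parsed multipart; the content is the original part.
        CMSSignedData signeddata = new CMSSignedData(new CMSProcessableBodyPartInbound(partToSign), verifyMM.getBodyPart(1).getInputStream());

        int verified = 0;
        CertStore certs = signeddata.getCertificatesAndCRLs("Collection", CryptoExtensions.getJCEProviderName());
        SignerInformationStore signers = signeddata.getSignerInfos();

        for (Object signerObj : signers.getSigners()) {
            SignerInformation signer = (SignerInformation) signerObj;

            // Result unused; the lookup is kept so a cert-store failure still fails the test.
            Collection certCollection = certs.getCertificates(signer.getSID());

            Attribute dig = signer.getSignedAttributes().get(CMSAttributes.messageDigest);
            DERObject hashObj = dig.getAttrValues().getObjectAt(0).getDERObject();
            byte[] signedHash = ((ASN1OctetString) hashObj).getOctets();

            System.out.print("value of signedHash: \r\n\tvalue: ");
            for (byte bt : signedHash) {
                System.out.print(bt + " ");
            }
            System.out.println();

            // Not wrapped in try/catch: an exception thrown by verify() must fail the test,
            // otherwise a broken signature path would still count as verified.
            assertTrue(signer.verify(internalCert, CryptoExtensions.getJCEProviderName()));
            verified++;
        }

        // Guard against a message with no signers passing vacuously.
        assertTrue(verified > 0);
    }
}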
use of org.openecard.bouncycastle.asn1.ASN1OctetString in project nhin-d by DirectProject.
the class DefaultMessageSignatureImpl method logDigests.
/**
 * Writes the signed and the computed message digest of a signer to the log as hex strings.
 * Does nothing unless digest logging is switched on and a signer is supplied; any failure
 * while reading the digests is discarded.
 *
 * @param sigInfo signer whose digests are logged; may be {@code null}
 */
private void logDigests(SignerInformation sigInfo) {
    // will fail
    if (!this.m_logDigest || sigInfo == null) {
        return;
    }

    try {
        // Digest the signer committed to, read from the messageDigest signed attribute.
        final Attribute messageDigestAttr = sigInfo.getSignedAttributes().get(CMSAttributes.messageDigest);
        final DERObject signedValue = messageDigestAttr.getAttrValues().getObjectAt(0).getDERObject();
        final byte[] signedBytes = ((ASN1OctetString) signedValue).getOctets();
        LOGGER.info("Signed Message Digest: " + org.apache.commons.codec.binary.Hex.encodeHexString(signedBytes));

        // should have the computed digest now
        final byte[] computedBytes = sigInfo.getContentDigest();
        LOGGER.info("Computed Message Digest: " + org.apache.commons.codec.binary.Hex.encodeHexString(computedBytes));
    } catch (Throwable t) {
        /*
         * no-op.... logging digests is a quiet operation.
         * Catching Throwable also hides Errors raised in this block, not only a missing
         * attribute or an unexpected ASN.1 type.
         */
    }
}
use of org.openecard.bouncycastle.asn1.ASN1OctetString in project nhin-d by DirectProject.
the class CRLRevocationManager method getObject.
/**
 * Decodes an extension value: {@code ext} is read as a DER OCTET STRING and the bytes inside
 * it are decoded as a second DER object, which is returned.
 *
 * @param oid identifier of the extension, used only in the error message
 * @param ext encoded extension value
 * @return the object decoded from the OCTET STRING contents
 * @throws NHINDException if {@code ext} cannot be decoded, including when the outer object is
 *                        not an OCTET STRING
 */
private static DERObject getObject(String oid, byte[] ext) throws AnnotatedException {
    ASN1InputStream wrapperIn = null;
    ASN1InputStream valueIn = null;
    try {
        // Outer layer: the OCTET STRING wrapper around the extension value.
        wrapperIn = new ASN1InputStream(ext);
        final ASN1OctetString wrapped = (ASN1OctetString) wrapperIn.readObject();

        // Inner layer: the extension value itself.
        valueIn = new ASN1InputStream(wrapped.getOctets());
        return valueIn.readObject();
    } catch (Exception e) {
        // Covers I/O errors as well as the cast and null failures on malformed input.
        throw new NHINDException("exception processing extension " + oid, e);
    } finally {
        IOUtils.closeQuietly(wrapperIn);
        IOUtils.closeQuietly(valueIn);
    }
}
use of org.openecard.bouncycastle.asn1.ASN1OctetString in project cas by apereo.
the class X509SubjectAlternativeNameUPNPrincipalResolver method getUPNStringFromSequence.
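/**
 * Get UPN String.
 *
 * <p>The sequence is presumably decoded from a certificate supplied by the party being
 * authenticated, so its shape is checked before use: a sequence that is too short, whose
 * first element is not an object identifier, or whose second element is not a tagged
 * object yields {@code null} instead of a runtime exception.
 *
 * @param seq ASN1Sequence abstraction representing subject alternative name.
 *            First element is the object identifier, second is the object itself.
 * @return UPN string, or null when the sequence is null, malformed, carries a different
 *         object identifier, or holds a value that is neither an octet string nor a string type
 */
private static String getUPNStringFromSequence(final ASN1Sequence seq) {
    // Both elements are read by index below, so require at least two.
    if (seq == null || seq.size() < 2) {
        return null;
    }

    // First in sequence is the object identifier, that we must check
    final ASN1ObjectIdentifier id;
    try {
        id = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
    } catch (final IllegalArgumentException e) {
        // getInstance rejects elements that are not object identifiers; treat as "no UPN".
        return null;
    }
    if (id == null || !UPN_OBJECTID.equals(id.getId())) {
        return null;
    }

    // Check the type before casting so an unexpected element cannot raise ClassCastException.
    final Object second = seq.getObjectAt(1);
    if (!(second instanceof ASN1TaggedObject)) {
        return null;
    }
    ASN1Primitive prim = ((ASN1TaggedObject) second).getObject();

    // Due to bug in java cert.getSubjectAltName, it can be tagged an extra time
    if (prim instanceof ASN1TaggedObject) {
        prim = ASN1TaggedObject.getInstance(prim).getObject();
    }

    if (prim instanceof ASN1OctetString) {
        return new String(((ASN1OctetString) prim).getOctets(), StandardCharsets.UTF_8);
    }
    if (prim instanceof ASN1String) {
        return ((ASN1String) prim).getString();
    }
    return null;
}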