Search in sources :

Example 71 with ASN1OctetString

use of org.openecard.bouncycastle.asn1.ASN1OctetString in project oxCore by GluuFederation.

the class LdapOperationsServiceImpl method search.

/*
     * (non-Javadoc)
     *
     * @see org.gluu.site.ldap.PlatformOperationFacade#search(java.lang.String,
     * com.unboundid.ldap.sdk.Filter, org.xdi.ldap.model.SearchScope,
     * org.gluu.site.ldap.persistence.BatchOperation, int, int, int,
     * com.unboundid.ldap.sdk.Control[], java.lang.String)
     */
@Override
public <T> SearchResult search(String dn, Filter filter, SearchScope scope, LdapBatchOperationWraper<T> batchOperationWraper, int startIndex, int searchLimit, int sizeLimit, Control[] controls, String... attributes) throws SearchException {
    SearchRequest searchRequest;
    BatchOperation<T> ldapBatchOperation = null;
    if (batchOperationWraper != null) {
        ldapBatchOperation = (BatchOperation<T>) batchOperationWraper.getBatchOperation();
    }
    if (LOG.isTraceEnabled()) {
        // Find whole tree search
        if (StringHelper.equalsIgnoreCase(dn, "o=gluu")) {
            LOG.trace("Search in whole LDAP tree", new Exception());
        }
    }
    if (attributes == null) {
        searchRequest = new SearchRequest(dn, scope, filter);
    } else {
        searchRequest = new SearchRequest(dn, scope, filter, attributes);
    }
    boolean useSizeLimit = sizeLimit > 0;
    if (useSizeLimit) {
        // Use paged result to limit search
        searchLimit = sizeLimit;
    }
    SearchResult searchResult = null;
    List<SearchResult> searchResultList = new ArrayList<SearchResult>();
    List<SearchResultEntry> searchResultEntries = new ArrayList<SearchResultEntry>();
    List<SearchResultReference> searchResultReferences = new ArrayList<SearchResultReference>();
    if ((searchLimit > 0) || (startIndex > 0)) {
        if (searchLimit == 0) {
            // Default page size
            searchLimit = 100;
        }
        boolean collectSearchResult;
        LDAPConnection ldapConnection = null;
        try {
            ldapConnection = getConnectionPool().getConnection();
            ASN1OctetString cookie = null;
            if (startIndex > 0) {
                try {
                    cookie = scrollSimplePagedResultsControl(ldapConnection, dn, filter, scope, controls, startIndex);
                } catch (InvalidSimplePageControlException ex) {
                    throw new LDAPSearchException(ex.getResultCode(), "Failed to scroll to specified startIndex", ex);
                } catch (LDAPException ex) {
                    throw new LDAPSearchException(ex.getResultCode(), "Failed to scroll to specified startIndex", ex);
                }
            }
            do {
                collectSearchResult = true;
                searchRequest.setControls(new Control[] { new SimplePagedResultsControl(searchLimit, cookie) });
                setControls(searchRequest, controls);
                searchResult = ldapConnection.search(searchRequest);
                if (ldapBatchOperation != null) {
                    collectSearchResult = ldapBatchOperation.collectSearchResult(searchResult.getEntryCount());
                }
                if (collectSearchResult) {
                    searchResultList.add(searchResult);
                    searchResultEntries.addAll(searchResult.getSearchEntries());
                    searchResultReferences.addAll(searchResult.getSearchReferences());
                }
                if (ldapBatchOperation != null) {
                    List<T> entries = batchOperationWraper.createEntities(searchResult);
                    ldapBatchOperation.performAction(entries);
                }
                cookie = null;
                try {
                    SimplePagedResultsControl c = SimplePagedResultsControl.get(searchResult);
                    if (c != null) {
                        cookie = c.getCookie();
                    }
                } catch (LDAPException ex) {
                    LOG.error("Error while accessing cookies" + ex.getMessage());
                }
                if (useSizeLimit) {
                    break;
                }
            } while ((cookie != null) && (cookie.getValueLength() > 0));
        } catch (LDAPException ex) {
            throw new SearchException("Failed to scroll to specified startIndex", ex, ex.getResultCode().intValue());
        } finally {
            if (ldapConnection != null) {
                getConnectionPool().releaseConnection(ldapConnection);
            }
        }
        if (!collectSearchResult) {
            return new SearchResult(searchResult.getMessageID(), searchResult.getResultCode(), searchResult.getDiagnosticMessage(), searchResult.getMatchedDN(), searchResult.getReferralURLs(), searchResultEntries, searchResultReferences, searchResultEntries.size(), searchResultReferences.size(), searchResult.getResponseControls());
        }
        if (!searchResultList.isEmpty()) {
            SearchResult searchResultTemp = searchResultList.get(0);
            return new SearchResult(searchResultTemp.getMessageID(), searchResultTemp.getResultCode(), searchResultTemp.getDiagnosticMessage(), searchResultTemp.getMatchedDN(), searchResultTemp.getReferralURLs(), searchResultEntries, searchResultReferences, searchResultEntries.size(), searchResultReferences.size(), searchResultTemp.getResponseControls());
        }
    } else {
        setControls(searchRequest, controls);
        try {
            searchResult = getConnectionPool().search(searchRequest);
        } catch (LDAPSearchException ex) {
            throw new SearchException(ex.getMessage(), ex, ex.getResultCode().intValue());
        }
    }
    return searchResult;
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) SearchRequest(com.unboundid.ldap.sdk.SearchRequest) ArrayList(java.util.ArrayList) SearchResultReference(com.unboundid.ldap.sdk.SearchResultReference) SearchException(org.gluu.persist.exception.operation.SearchException) LDAPSearchException(com.unboundid.ldap.sdk.LDAPSearchException) SearchResult(com.unboundid.ldap.sdk.SearchResult) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) InvalidSimplePageControlException(org.gluu.persist.ldap.exception.InvalidSimplePageControlException) ConnectionException(org.gluu.persist.exception.operation.ConnectionException) SearchException(org.gluu.persist.exception.operation.SearchException) LDAPSearchException(com.unboundid.ldap.sdk.LDAPSearchException) MappingException(org.gluu.persist.exception.mapping.MappingException) LDAPException(com.unboundid.ldap.sdk.LDAPException) DuplicateEntryException(org.gluu.persist.exception.operation.DuplicateEntryException) LDAPException(com.unboundid.ldap.sdk.LDAPException) LDAPSearchException(com.unboundid.ldap.sdk.LDAPSearchException) InvalidSimplePageControlException(org.gluu.persist.ldap.exception.InvalidSimplePageControlException) SimplePagedResultsControl(com.unboundid.ldap.sdk.controls.SimplePagedResultsControl) SearchResultEntry(com.unboundid.ldap.sdk.SearchResultEntry)

Example 72 with ASN1OctetString

use of org.openecard.bouncycastle.asn1.ASN1OctetString in project xipki by xipki.

the class X509CaCmpResponderImpl method postProcessCertInfo.

// method generateCertificates
private CertResponse postProcessCertInfo(ASN1Integer certReqId, X509CertificateInfo certInfo, ASN1OctetString tid, CmpControl cmpControl) {
    if (cmpControl.isConfirmCert()) {
        pendingCertPool.addCertificate(tid.getOctets(), certReqId.getPositiveValue(), certInfo, System.currentTimeMillis() + cmpControl.getConfirmWaitTimeMs());
    }
    String warningMsg = certInfo.getWarningMessage();
    PKIStatusInfo statusInfo;
    if (StringUtil.isBlank(warningMsg)) {
        statusInfo = certInfo.isAlreadyIssued() ? new PKIStatusInfo(PKIStatus.grantedWithMods, new PKIFreeText("ALREADY_ISSUED")) : new PKIStatusInfo(PKIStatus.granted);
    } else {
        statusInfo = new PKIStatusInfo(PKIStatus.grantedWithMods, new PKIFreeText(warningMsg));
    }
    CertOrEncCert cec = new CertOrEncCert(CMPCertificate.getInstance(certInfo.getCert().getEncodedCert()));
    CertifiedKeyPair kp = new CertifiedKeyPair(cec);
    return new CertResponse(certReqId, statusInfo, kp, null);
}
Also used : CertResponse(org.bouncycastle.asn1.cmp.CertResponse) PKIStatusInfo(org.bouncycastle.asn1.cmp.PKIStatusInfo) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) CertOrEncCert(org.bouncycastle.asn1.cmp.CertOrEncCert) PKIFreeText(org.bouncycastle.asn1.cmp.PKIFreeText) CertifiedKeyPair(org.bouncycastle.asn1.cmp.CertifiedKeyPair)

Example 73 with ASN1OctetString

use of org.openecard.bouncycastle.asn1.ASN1OctetString in project xipki by xipki.

the class X509CaCmpResponderImpl method processPkiMessage0.

@Override
protected PKIMessage processPkiMessage0(PKIMessage request, RequestorInfo requestor, ASN1OctetString tid, GeneralPKIMessage message, String msgId, AuditEvent event) {
    if (!(requestor instanceof CmpRequestorInfo)) {
        throw new IllegalArgumentException("unknown requestor type " + requestor.getClass().getName());
    }
    CmpRequestorInfo tmpRequestor = (CmpRequestorInfo) requestor;
    event.addEventData(CaAuditConstants.NAME_requestor, tmpRequestor.getIdent().getName());
    PKIHeader reqHeader = message.getHeader();
    PKIHeaderBuilder respHeader = new PKIHeaderBuilder(reqHeader.getPvno().getValue().intValue(), getSender(), reqHeader.getSender());
    respHeader.setTransactionID(tid);
    ASN1OctetString senderNonce = reqHeader.getSenderNonce();
    if (senderNonce != null) {
        respHeader.setRecipNonce(senderNonce);
    }
    PKIBody respBody;
    PKIBody reqBody = message.getBody();
    final int type = reqBody.getType();
    CmpControl cmpControl = getCmpControl();
    try {
        switch(type) {
            case PKIBody.TYPE_CERT_REQ:
            case PKIBody.TYPE_KEY_UPDATE_REQ:
            case PKIBody.TYPE_P10_CERT_REQ:
            case PKIBody.TYPE_CROSS_CERT_REQ:
                String eventType = null;
                if (PKIBody.TYPE_CERT_REQ == type) {
                    eventType = CaAuditConstants.TYPE_CMP_cr;
                } else if (PKIBody.TYPE_KEY_UPDATE_REQ == type) {
                    eventType = CaAuditConstants.TYPE_CMP_kur;
                } else if (PKIBody.TYPE_P10_CERT_REQ == type) {
                    eventType = CaAuditConstants.TYPE_CMP_p10Cr;
                } else if (PKIBody.TYPE_CROSS_CERT_REQ == type) {
                    eventType = CaAuditConstants.TYPE_CMP_ccr;
                }
                if (eventType != null) {
                    event.addEventType(eventType);
                }
                respBody = cmpEnrollCert(request, respHeader, cmpControl, reqHeader, reqBody, tmpRequestor, tid, msgId, event);
                break;
            case PKIBody.TYPE_CERT_CONFIRM:
                event.addEventType(CaAuditConstants.TYPE_CMP_certConf);
                CertConfirmContent certConf = (CertConfirmContent) reqBody.getContent();
                respBody = confirmCertificates(tid, certConf, msgId);
                break;
            case PKIBody.TYPE_REVOCATION_REQ:
                respBody = cmpUnRevokeRemoveCertificates(request, respHeader, cmpControl, reqHeader, reqBody, tmpRequestor, msgId, event);
                break;
            case PKIBody.TYPE_CONFIRM:
                event.addEventType(CaAuditConstants.TYPE_CMP_pkiConf);
                respBody = new PKIBody(PKIBody.TYPE_CONFIRM, DERNull.INSTANCE);
                break;
            case PKIBody.TYPE_GEN_MSG:
                respBody = cmpGeneralMsg(respHeader, cmpControl, reqHeader, reqBody, tmpRequestor, tid, msgId, event);
                break;
            case PKIBody.TYPE_ERROR:
                event.addEventType(CaAuditConstants.TYPE_CMP_error);
                revokePendingCertificates(tid, msgId);
                respBody = new PKIBody(PKIBody.TYPE_CONFIRM, DERNull.INSTANCE);
                break;
            default:
                event.addEventType("PKIBody." + type);
                respBody = buildErrorMsgPkiBody(PKIStatus.rejection, PKIFailureInfo.badRequest, "unsupported type " + type);
                break;
        }
    // end switch (type)
    } catch (InsuffientPermissionException ex) {
        ErrorMsgContent emc = new ErrorMsgContent(new PKIStatusInfo(PKIStatus.rejection, new PKIFreeText(ex.getMessage()), new PKIFailureInfo(PKIFailureInfo.notAuthorized)));
        respBody = new PKIBody(PKIBody.TYPE_ERROR, emc);
    }
    if (respBody.getType() == PKIBody.TYPE_ERROR) {
        ErrorMsgContent errorMsgContent = (ErrorMsgContent) respBody.getContent();
        AuditStatus auditStatus = AuditStatus.FAILED;
        org.xipki.cmp.PkiStatusInfo pkiStatus = new org.xipki.cmp.PkiStatusInfo(errorMsgContent.getPKIStatusInfo());
        if (pkiStatus.pkiFailureInfo() == PKIFailureInfo.systemFailure) {
            auditStatus = AuditStatus.FAILED;
        }
        event.setStatus(auditStatus);
        String statusString = pkiStatus.statusMessage();
        if (statusString != null) {
            event.addEventData(CaAuditConstants.NAME_message, statusString);
        }
    } else if (event.getStatus() == null) {
        event.setStatus(AuditStatus.SUCCESSFUL);
    }
    return new PKIMessage(respHeader.build(), respBody);
}
Also used : PKIHeader(org.bouncycastle.asn1.cmp.PKIHeader) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage) GeneralPKIMessage(org.bouncycastle.cert.cmp.GeneralPKIMessage) PKIBody(org.bouncycastle.asn1.cmp.PKIBody) PKIHeaderBuilder(org.bouncycastle.asn1.cmp.PKIHeaderBuilder) PKIStatusInfo(org.bouncycastle.asn1.cmp.PKIStatusInfo) InsuffientPermissionException(org.xipki.ca.api.InsuffientPermissionException) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) PKIFreeText(org.bouncycastle.asn1.cmp.PKIFreeText) PKIFailureInfo(org.bouncycastle.asn1.cmp.PKIFailureInfo) CertConfirmContent(org.bouncycastle.asn1.cmp.CertConfirmContent) AuditStatus(org.xipki.audit.AuditStatus) CmpControl(org.xipki.ca.server.mgmt.api.CmpControl) ErrorMsgContent(org.bouncycastle.asn1.cmp.ErrorMsgContent)

Example 74 with ASN1OctetString

use of org.openecard.bouncycastle.asn1.ASN1OctetString in project xipki by xipki.

the class X509CrlSignerEntryWrapper method initSigner.

public void initSigner(SecurityFactory securityFactory) throws XiSecurityException, OperationException, InvalidConfException {
    ParamUtil.requireNonNull("securityFactory", securityFactory);
    if (signer != null) {
        return;
    }
    if (dbEntry == null) {
        throw new XiSecurityException("dbEntry is null");
    }
    if ("CA".equals(dbEntry.getType())) {
        return;
    }
    dbEntry.setConfFaulty(true);
    X509Certificate responderCert = dbEntry.getCert();
    try {
        signer = securityFactory.createSigner(dbEntry.getType(), new SignerConf(dbEntry.getConf()), responderCert);
    } catch (ObjectCreationException ex1) {
        throw new XiSecurityException("signer without certificate is not allowed");
    }
    X509Certificate signerCert = signer.getCertificate();
    if (signerCert == null) {
        throw new XiSecurityException("signer without certificate is not allowed");
    }
    if (dbEntry.getBase64Cert() == null) {
        dbEntry.setCert(signerCert);
    }
    byte[] encodedSkiValue = signerCert.getExtensionValue(Extension.subjectKeyIdentifier.getId());
    if (encodedSkiValue == null) {
        throw new OperationException(ErrorCode.INVALID_EXTENSION, "CA certificate does not have required extension SubjectKeyIdentifier");
    }
    ASN1OctetString ski;
    try {
        ski = (ASN1OctetString) X509ExtensionUtil.fromExtensionValue(encodedSkiValue);
    } catch (IOException ex) {
        throw new OperationException(ErrorCode.INVALID_EXTENSION, ex);
    }
    this.subjectKeyIdentifier = ski.getOctets();
    if (!X509Util.hasKeyusage(signerCert, KeyUsage.cRLSign)) {
        throw new OperationException(ErrorCode.SYSTEM_FAILURE, "CRL signer does not have keyusage cRLSign");
    }
    dbEntry.setConfFaulty(false);
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) XiSecurityException(org.xipki.security.exception.XiSecurityException) ObjectCreationException(org.xipki.common.ObjectCreationException) SignerConf(org.xipki.security.SignerConf) IOException(java.io.IOException) X509Certificate(java.security.cert.X509Certificate) OperationException(org.xipki.ca.api.OperationException)

Example 75 with ASN1OctetString

use of org.openecard.bouncycastle.asn1.ASN1OctetString in project xipki by xipki.

the class CsrGenAction method execute0.

@Override
protected Object execute0() throws Exception {
    hashAlgo = hashAlgo.trim().toUpperCase();
    if (hashAlgo.indexOf('-') != -1) {
        hashAlgo = hashAlgo.replaceAll("-", "");
    }
    if (needExtensionTypes == null) {
        needExtensionTypes = new LinkedList<>();
    }
    if (wantExtensionTypes == null) {
        wantExtensionTypes = new LinkedList<>();
    }
    // SubjectAltNames
    List<Extension> extensions = new LinkedList<>();
    ASN1OctetString extnValue = createExtnValueSubjectAltName();
    if (extnValue != null) {
        ASN1ObjectIdentifier oid = Extension.subjectAlternativeName;
        extensions.add(new Extension(oid, false, extnValue));
        needExtensionTypes.add(oid.getId());
    }
    // SubjectInfoAccess
    extnValue = createExtnValueSubjectInfoAccess();
    if (extnValue != null) {
        ASN1ObjectIdentifier oid = Extension.subjectInfoAccess;
        extensions.add(new Extension(oid, false, extnValue));
        needExtensionTypes.add(oid.getId());
    }
    // Keyusage
    if (isNotEmpty(keyusages)) {
        Set<KeyUsage> usages = new HashSet<>();
        for (String usage : keyusages) {
            usages.add(KeyUsage.getKeyUsage(usage));
        }
        org.bouncycastle.asn1.x509.KeyUsage extValue = X509Util.createKeyUsage(usages);
        ASN1ObjectIdentifier extType = Extension.keyUsage;
        extensions.add(new Extension(extType, false, extValue.getEncoded()));
        needExtensionTypes.add(extType.getId());
    }
    // ExtendedKeyusage
    if (isNotEmpty(extkeyusages)) {
        ExtendedKeyUsage extValue = X509Util.createExtendedUsage(textToAsn1ObjectIdentifers(extkeyusages));
        ASN1ObjectIdentifier extType = Extension.extendedKeyUsage;
        extensions.add(new Extension(extType, false, extValue.getEncoded()));
        needExtensionTypes.add(extType.getId());
    }
    // QcEuLimitValue
    if (isNotEmpty(qcEuLimits)) {
        ASN1EncodableVector vec = new ASN1EncodableVector();
        for (String m : qcEuLimits) {
            StringTokenizer st = new StringTokenizer(m, ":");
            try {
                String currencyS = st.nextToken();
                String amountS = st.nextToken();
                String exponentS = st.nextToken();
                Iso4217CurrencyCode currency;
                try {
                    int intValue = Integer.parseInt(currencyS);
                    currency = new Iso4217CurrencyCode(intValue);
                } catch (NumberFormatException ex) {
                    currency = new Iso4217CurrencyCode(currencyS);
                }
                int amount = Integer.parseInt(amountS);
                int exponent = Integer.parseInt(exponentS);
                MonetaryValue monterayValue = new MonetaryValue(currency, amount, exponent);
                QCStatement statment = new QCStatement(ObjectIdentifiers.id_etsi_qcs_QcLimitValue, monterayValue);
                vec.add(statment);
            } catch (Exception ex) {
                throw new Exception("invalid qc-eu-limit '" + m + "'");
            }
        }
        ASN1ObjectIdentifier extType = Extension.qCStatements;
        ASN1Sequence extValue = new DERSequence(vec);
        extensions.add(new Extension(extType, false, extValue.getEncoded()));
        needExtensionTypes.add(extType.getId());
    }
    // biometricInfo
    if (biometricType != null && biometricHashAlgo != null && biometricFile != null) {
        TypeOfBiometricData tmpBiometricType = StringUtil.isNumber(biometricType) ? new TypeOfBiometricData(Integer.parseInt(biometricType)) : new TypeOfBiometricData(new ASN1ObjectIdentifier(biometricType));
        ASN1ObjectIdentifier tmpBiometricHashAlgo = AlgorithmUtil.getHashAlg(biometricHashAlgo);
        byte[] biometricBytes = IoUtil.read(biometricFile);
        MessageDigest md = MessageDigest.getInstance(tmpBiometricHashAlgo.getId());
        md.reset();
        byte[] tmpBiometricDataHash = md.digest(biometricBytes);
        DERIA5String tmpSourceDataUri = null;
        if (biometricUri != null) {
            tmpSourceDataUri = new DERIA5String(biometricUri);
        }
        BiometricData biometricData = new BiometricData(tmpBiometricType, new AlgorithmIdentifier(tmpBiometricHashAlgo), new DEROctetString(tmpBiometricDataHash), tmpSourceDataUri);
        ASN1EncodableVector vec = new ASN1EncodableVector();
        vec.add(biometricData);
        ASN1ObjectIdentifier extType = Extension.biometricInfo;
        ASN1Sequence extValue = new DERSequence(vec);
        extensions.add(new Extension(extType, false, extValue.getEncoded()));
        needExtensionTypes.add(extType.getId());
    } else if (biometricType == null && biometricHashAlgo == null && biometricFile == null) {
    // Do nothing
    } else {
        throw new Exception("either all of biometric triples (type, hash algo, file)" + " must be set or none of them should be set");
    }
    for (Extension addExt : getAdditionalExtensions()) {
        extensions.add(addExt);
    }
    needExtensionTypes.addAll(getAdditionalNeedExtensionTypes());
    wantExtensionTypes.addAll(getAdditionalWantExtensionTypes());
    if (isNotEmpty(needExtensionTypes) || isNotEmpty(wantExtensionTypes)) {
        ExtensionExistence ee = new ExtensionExistence(textToAsn1ObjectIdentifers(needExtensionTypes), textToAsn1ObjectIdentifers(wantExtensionTypes));
        extensions.add(new Extension(ObjectIdentifiers.id_xipki_ext_cmpRequestExtensions, false, ee.toASN1Primitive().getEncoded()));
    }
    ConcurrentContentSigner signer = getSigner(new SignatureAlgoControl(rsaMgf1, dsaPlain, gm));
    Map<ASN1ObjectIdentifier, ASN1Encodable> attributes = new HashMap<>();
    if (CollectionUtil.isNonEmpty(extensions)) {
        attributes.put(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new Extensions(extensions.toArray(new Extension[0])));
    }
    if (StringUtil.isNotBlank(challengePassword)) {
        attributes.put(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, new DERPrintableString(challengePassword));
    }
    SubjectPublicKeyInfo subjectPublicKeyInfo;
    if (signer.getCertificate() != null) {
        Certificate cert = Certificate.getInstance(signer.getCertificate().getEncoded());
        subjectPublicKeyInfo = cert.getSubjectPublicKeyInfo();
    } else {
        subjectPublicKeyInfo = KeyUtil.createSubjectPublicKeyInfo(signer.getPublicKey());
    }
    X500Name subjectDn = getSubject(subject);
    PKCS10CertificationRequest csr = generateRequest(signer, subjectPublicKeyInfo, subjectDn, attributes);
    File file = new File(outputFilename);
    saveVerbose("saved CSR to file", file, csr.getEncoded());
    return null;
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) TypeOfBiometricData(org.bouncycastle.asn1.x509.qualified.TypeOfBiometricData) BiometricData(org.bouncycastle.asn1.x509.qualified.BiometricData) QCStatement(org.bouncycastle.asn1.x509.qualified.QCStatement) HashMap(java.util.HashMap) ExtendedKeyUsage(org.bouncycastle.asn1.x509.ExtendedKeyUsage) KeyUsage(org.xipki.security.KeyUsage) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) X500Name(org.bouncycastle.asn1.x500.X500Name) Extensions(org.bouncycastle.asn1.x509.Extensions) Iso4217CurrencyCode(org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERSequence(org.bouncycastle.asn1.DERSequence) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) MessageDigest(java.security.MessageDigest) ExtendedKeyUsage(org.bouncycastle.asn1.x509.ExtendedKeyUsage) TypeOfBiometricData(org.bouncycastle.asn1.x509.qualified.TypeOfBiometricData) HashSet(java.util.HashSet) PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) MonetaryValue(org.bouncycastle.asn1.x509.qualified.MonetaryValue) LinkedList(java.util.LinkedList) BadInputException(org.xipki.security.exception.BadInputException) InvalidOidOrNameException(org.xipki.security.exception.InvalidOidOrNameException) XiSecurityException(org.xipki.security.exception.XiSecurityException) NoIdleSignerException(org.xipki.security.exception.NoIdleSignerException) Extension(org.bouncycastle.asn1.x509.Extension) StringTokenizer(java.util.StringTokenizer) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ConcurrentContentSigner(org.xipki.security.ConcurrentContentSigner) ExtensionExistence(org.xipki.security.ExtensionExistence) SignatureAlgoControl(org.xipki.security.SignatureAlgoControl) File(java.io.File) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) Certificate(org.bouncycastle.asn1.x509.Certificate)

Aggregations

ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)84 IOException (java.io.IOException)37 DEROctetString (org.bouncycastle.asn1.DEROctetString)25 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)23 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)22 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)19 ByteArrayInputStream (java.io.ByteArrayInputStream)16 X509Certificate (java.security.cert.X509Certificate)15 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)15 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)14 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)14 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)13 Enumeration (java.util.Enumeration)12 DERBitString (org.bouncycastle.asn1.DERBitString)12 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)11 CertificateException (java.security.cert.CertificateException)11 DERBMPString (org.bouncycastle.asn1.DERBMPString)11 DERIA5String (org.bouncycastle.asn1.DERIA5String)11 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)11 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)10