use of org.spongycastle.asn1.ASN1InputStream in project candlepin by candlepin.
the class X509CRLStreamWriter method write.
/**
* Write a modified CRL to the given output stream. This method will add each entry provided
* via the add() method.
*
* @param out OutputStream to write to
* @throws IOException if something goes wrong
*/
public void write(OutputStream out) throws IOException {
if (!locked || !preScanned) {
throw new IllegalStateException("The instance must be preScanned and locked before writing.");
}
if (emptyCrl) {
/* An empty CRL is going to be missing the revokedCertificates sequence
* and would require a lot of special casing during the streaming process.
* Instead, it is easier to construct the CRL in the normal fashion using
* BouncyCastle. Performance should be acceptable as long as the number of
* CRL entries being added are reasonable in number. Something less than a
* thousand or so should yield adequate performance.
*/
writeToEmptyCrl(out);
return;
}
originalLength = handleHeader(out);
int tag;
int tagNo;
int length;
while (originalLength > count.get()) {
tag = readTag(crlIn, count);
tagNo = readTagNumber(crlIn, tag, count);
length = readLength(crlIn, count);
byte[] entryBytes = new byte[length];
readFullyAndTrack(crlIn, entryBytes, count);
// We only need the serial number and not the rest of the stuff in the entry
ASN1Integer serial = (ASN1Integer) new ASN1InputStream(entryBytes).readObject();
if (deletedEntriesLength == 0 || !deletedEntries.contains(serial.getValue())) {
writeTag(out, tag, tagNo, signer);
writeLength(out, length, signer);
writeValue(out, entryBytes, signer);
}
}
// Write the new entries into the new CRL
for (ASN1Sequence entry : newEntries) {
writeBytes(out, entry.getEncoded(), signer);
}
// Copy the old extensions over
if (newExtensions != null) {
out.write(newExtensions);
signer.getOutputStream().write(newExtensions, 0, newExtensions.length);
}
out.write(signingAlg.getEncoded());
try {
byte[] signature = signer.getSignature();
ASN1BitString signatureBits = new DERBitString(signature);
out.write(signatureBits.getEncoded());
} catch (DataLengthException e) {
throw new IOException("Could not sign", e);
}
}
use of org.spongycastle.asn1.ASN1InputStream in project candlepin by candlepin.
the class BouncyCastlePKIUtility method decodeDERValue.
@Override
public String decodeDERValue(byte[] value) {
ASN1InputStream vis = null;
ASN1InputStream decoded = null;
try {
vis = new ASN1InputStream(value);
decoded = new ASN1InputStream(((DEROctetString) vis.readObject()).getOctets());
return decoded.readObject().toString();
} catch (IOException e) {
throw new RuntimeException(e);
} finally {
if (vis != null) {
try {
vis.close();
} catch (IOException e) {
log.warn("failed to close ASN1 stream", e);
}
}
if (decoded != null) {
try {
decoded.close();
} catch (IOException e) {
log.warn("failed to close ASN1 stream", e);
}
}
}
}
use of org.spongycastle.asn1.ASN1InputStream in project jruby-openssl by jruby.
the class PEMInputOutput method readPKCS7.
/**
* Reads in a PKCS7 object. This returns a ContentInfo object suitable for use with the CMS
* API.
*
* @return the X509Certificate
* @throws IOException if an I/O error occured
*/
private static CMSSignedData readPKCS7(BufferedReader in, char[] p, String endMarker) throws IOException {
ByteArrayOutputStream bytes = new ByteArrayOutputStream();
String line;
StringBuilder buffer = new StringBuilder();
while ((line = in.readLine()) != null) {
if (line.contains(endMarker))
break;
buffer.append(line.trim());
final int len = buffer.length();
Base64.decode(buffer.substring(0, (len / 4) * 4), bytes);
buffer.delete(0, (len / 4) * 4);
}
if (buffer.length() != 0) {
throw new IOException("base64 data appears to be truncated");
}
if (line == null)
throw new IOException(endMarker + " not found");
try {
ASN1InputStream aIn = new ASN1InputStream(bytes.toByteArray());
return new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
} catch (CMSException e) {
throw new IOException("problem parsing PKCS7 object: " + e, e);
}
}
use of org.spongycastle.asn1.ASN1InputStream in project jruby-openssl by jruby.
the class PKey method readRSAPrivateKey.
public static KeyPair readRSAPrivateKey(final KeyFactory rsaFactory, final byte[] input) throws IOException, InvalidKeySpecException {
ASN1Sequence seq = (ASN1Sequence) new ASN1InputStream(input).readObject();
if (seq.size() == 9) {
BigInteger mod = ((ASN1Integer) seq.getObjectAt(1)).getValue();
BigInteger pubexp = ((ASN1Integer) seq.getObjectAt(2)).getValue();
BigInteger privexp = ((ASN1Integer) seq.getObjectAt(3)).getValue();
BigInteger primep = ((ASN1Integer) seq.getObjectAt(4)).getValue();
BigInteger primeq = ((ASN1Integer) seq.getObjectAt(5)).getValue();
BigInteger primeep = ((ASN1Integer) seq.getObjectAt(6)).getValue();
BigInteger primeeq = ((ASN1Integer) seq.getObjectAt(7)).getValue();
BigInteger crtcoeff = ((ASN1Integer) seq.getObjectAt(8)).getValue();
PrivateKey priv = rsaFactory.generatePrivate(new RSAPrivateCrtKeySpec(mod, pubexp, privexp, primep, primeq, primeep, primeeq, crtcoeff));
PublicKey pub = rsaFactory.generatePublic(new RSAPublicKeySpec(mod, pubexp));
return new KeyPair(pub, priv);
}
return null;
}
use of org.spongycastle.asn1.ASN1InputStream in project jruby-openssl by jruby.
the class PKey method readRSAPublicKey.
public static PublicKey readRSAPublicKey(final KeyFactory rsaFactory, final byte[] input) throws IOException, InvalidKeySpecException {
ASN1Sequence seq = (ASN1Sequence) new ASN1InputStream(input).readObject();
if (seq.size() == 2) {
BigInteger mod = ((ASN1Integer) seq.getObjectAt(0)).getValue();
BigInteger pubexp = ((ASN1Integer) seq.getObjectAt(1)).getValue();
return rsaFactory.generatePublic(new RSAPublicKeySpec(mod, pubexp));
}
return null;
}
Aggregations