Examples with DEROctetString org.spongycastle.asn1.DEROctetString used on opensource projects

Example 71 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project signer by demoiselle.

the class DemoiselleSignedAttributeTableGenerator method createStandardAttributeTable.

/**
 * Create a standard attribute table from the passed in parameters - this will
 * normally include contentType, signingTime, and messageDigest. If the constructor
 * using an AttributeTable was used, entries in it for contentType, signingTime, and
 * messageDigest will override the generated ones.
 *
 * @param parameters source parameters for table generation.
 *
 * @return a filled in Hashtable of attributes.
 */
protected Hashtable createStandardAttributeTable(Map parameters) {
    Hashtable std = copyHashTable(table);
    if (!std.containsKey(CMSAttributes.contentType)) {
        ASN1ObjectIdentifier contentType = ASN1ObjectIdentifier.getInstance(parameters.get(CMSAttributeTableGenerator.CONTENT_TYPE));
        // contentType will be null if we're trying to generate a counter signature.
        if (contentType != null) {
            Attribute attr = new Attribute(CMSAttributes.contentType, new DERSet(contentType));
            std.put(attr.getAttrType(), attr);
        }
    }
    if (!std.containsKey(CMSAttributes.messageDigest)) {
        byte[] messageDigest = (byte[]) parameters.get(CMSAttributeTableGenerator.DIGEST);
        Attribute attr = new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(messageDigest)));
        std.put(attr.getAttrType(), attr);
    }
    return std;
}

Example 72 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project signer by demoiselle.

the class MessageDigest method getValue.

@Override
public Attribute getValue() {
    try {
        if (this.hash == null) {
            java.security.MessageDigest md = java.security.MessageDigest.getInstance(signaturePolicy.getSignPolicyHashAlg().getAlgorithm().getValue());
            this.hash = md.digest(content);
        }
        return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DEROctetString(this.hash)));
    } catch (NoSuchAlgorithmException ex) {
        logger.info(ex.getMessage());
        return null;
    }
}

Example 73 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project photon-model by vmware.

the class CertificateUtil method getServerExtensions.

private static List<ExtensionHolder> getServerExtensions(X509Certificate issuerCertificate) throws CertificateEncodingException, NoSuchAlgorithmException, IOException {
    List<ExtensionHolder> extensions = new ArrayList<>();
    // SSO forces us to allow data encipherment
    extensions.add(new ExtensionHolder(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment)));
    extensions.add(new ExtensionHolder(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(KeyPurposeId.id_kp_serverAuth)));
    Extension authorityKeyExtension = new Extension(Extension.authorityKeyIdentifier, false, new DEROctetString(new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(issuerCertificate)));
    extensions.add(new ExtensionHolder(authorityKeyExtension.getExtnId(), authorityKeyExtension.isCritical(), authorityKeyExtension.getParsedValue()));
    return extensions;
}

Example 74 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project candlepin by candlepin.

the class X509CRLStreamWriter method offsetNextUpdate.

/**
 * Write a new nextUpdate time that is the same amount of time ahead of the new thisUpdate
 * time as the old nextUpdate was from the old thisUpdate.
 *
 * @param out
 * @param tagNo
 * @param oldThisUpdate
 * @throws IOException
 */
protected void offsetNextUpdate(OutputStream out, int tagNo, Date oldThisUpdate) throws IOException {
    int originalLength = readLength(crlIn, null);
    byte[] oldBytes = new byte[originalLength];
    readFullyAndTrack(crlIn, oldBytes, null);
    ASN1Object oldTime = null;
    if (tagNo == UTC_TIME) {
        ASN1TaggedObject t = new DERTaggedObject(UTC_TIME, new DEROctetString(oldBytes));
        oldTime = ASN1UTCTime.getInstance(t, false);
    } else {
        ASN1TaggedObject t = new DERTaggedObject(GENERALIZED_TIME, new DEROctetString(oldBytes));
        oldTime = ASN1GeneralizedTime.getInstance(t, false);
    }
    /* Determine the time between the old thisUpdate and old nextUpdate and add it
        /* to the new nextUpdate. */
    Date oldNextUpdate = Time.getInstance(oldTime).getDate();
    long delta = oldNextUpdate.getTime() - oldThisUpdate.getTime();
    Date newNextUpdate = new Date(new Date().getTime() + delta);
    ASN1Object newTime = null;
    if (tagNo == UTC_TIME) {
        newTime = new DERUTCTime(newNextUpdate);
    } else {
        newTime = new DERGeneralizedTime(newNextUpdate);
    }
    writeNewTime(out, newTime, originalLength);
}

Example 75 with DEROctetString

use of org.spongycastle.asn1.DEROctetString in project candlepin by candlepin.

the class X509CRLStreamWriter method updateExtensions.

/**
 * This method updates the crlNumber and authorityKeyIdentifier extensions.  Any
 * other extensions are copied over unchanged.
 * @param obj
 * @return
 * @throws IOException
 */
@SuppressWarnings("rawtypes")
protected byte[] updateExtensions(byte[] obj) throws IOException {
    ASN1TaggedObject taggedExts = (ASN1TaggedObject) new ASN1InputStream(obj).readObject();
    ASN1Sequence seq = (ASN1Sequence) taggedExts.getObject();
    ASN1EncodableVector modifiedExts = new ASN1EncodableVector();
    // Now we need to read the extensions and find the CRL number and increment it,
    // and determine if its length changed.
    Enumeration objs = seq.getObjects();
    while (objs.hasMoreElements()) {
        ASN1Sequence ext = (ASN1Sequence) objs.nextElement();
        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) ext.getObjectAt(0);
        if (Extension.cRLNumber.equals(oid)) {
            ASN1OctetString s = (ASN1OctetString) ext.getObjectAt(1);
            ASN1Integer i = (ASN1Integer) new ASN1InputStream(s.getOctets()).readObject();
            ASN1Integer newCrlNumber = new ASN1Integer(i.getValue().add(BigInteger.ONE));
            Extension newNumberExt = new Extension(Extension.cRLNumber, false, new DEROctetString(newCrlNumber.getEncoded()));
            ASN1EncodableVector crlNumber = new ASN1EncodableVector();
            crlNumber.add(Extension.cRLNumber);
            crlNumber.add(newNumberExt.getExtnValue());
            modifiedExts.add(new DERSequence(crlNumber));
        } else if (Extension.authorityKeyIdentifier.equals(oid)) {
            Extension newAuthorityKeyExt = new Extension(Extension.authorityKeyIdentifier, false, aki.getEncoded());
            ASN1EncodableVector aki = new ASN1EncodableVector();
            aki.add(Extension.authorityKeyIdentifier);
            aki.add(newAuthorityKeyExt.getExtnValue());
            modifiedExts.add(new DERSequence(aki));
        } else {
            modifiedExts.add(ext);
        }
    }
    ASN1Sequence seqOut = new DERSequence(modifiedExts);
    ASN1TaggedObject out = new DERTaggedObject(true, 0, seqOut);
    return out.getEncoded();
}