Example 6 with DLSequence
use of org.spongycastle.asn1.DLSequence in project signer by demoiselle.
the class LPA method parse.
@Override
public void parse(ASN1Primitive derObject) {
ASN1Sequence sequence = ASN1Object.getDERSequence(derObject);
ASN1Primitive policyInfos = sequence.getObjectAt(0).toASN1Primitive();
DLSequence policyInfosSequence = (DLSequence) policyInfos;
if (policyInfosSequence != null && policyInfosSequence.size() > 0) {
this.policyInfos = new ArrayList<>();
for (int i = 0; i < policyInfosSequence.size(); i++) {
PolicyInfo policyInfo = new PolicyInfo();
policyInfo.parse(policyInfosSequence.getObjectAt(i).toASN1Primitive());
this.policyInfos.add(policyInfo);
}
}
this.nextUpdate = new Time();
this.nextUpdate.parse(sequence.getObjectAt(1).toASN1Primitive());
}
Also used :
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
DLSequence(org.bouncycastle.asn1.DLSequence)
ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
Example 7 with DLSequence
use of org.spongycastle.asn1.DLSequence in project signer by demoiselle.
the class BasicCertificate method getCertificateLevel.
/**
* returns the ICP-BRASIL Certificate Level(A1, A2, A3, A4, S1, S2, S3,
* S4).<br>
* DOC-ICP-04 Returns the <b>null</b> value if the CertificatePolicies is
* NOT present.
*
* @return String Certificate level
*/
public String getCertificateLevel() {
try {
DLSequence sequence = (DLSequence) getExtensionValue(Extension.certificatePolicies.getId());
if (sequence != null) {
for (int pos = 0; pos < sequence.size(); pos++) {
DLSequence sequence2 = (DLSequence) sequence.getObjectAt(pos);
ASN1ObjectIdentifier policyIdentifier = (ASN1ObjectIdentifier) sequence2.getObjectAt(0);
PolicyInformation policyInformation = new PolicyInformation(policyIdentifier);
String id = policyInformation.getPolicyIdentifier().getId();
if (id == null) {
continue;
}
if (id.startsWith(OID_A1_CERTIFICATE)) {
return "A1";
}
if (id.startsWith(OID_A2_CERTIFICATE)) {
return "A2";
}
if (id.startsWith(OID_A3_CERTIFICATE)) {
return "A3";
}
if (id.startsWith(OID_A4_CERTIFICATE)) {
return "A4";
}
if (id.startsWith(OID_S1_CERTIFICATE)) {
return "S1";
}
if (id.startsWith(OID_S2_CERTIFICATE)) {
return "S2";
}
if (id.startsWith(OID_S3_CERTIFICATE)) {
return "S3";
}
if (id.startsWith(OID_S4_CERTIFICATE)) {
return "S4";
}
}
}
return null;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
Also used :
DLSequence(org.bouncycastle.asn1.DLSequence)
PolicyInformation(org.bouncycastle.asn1.x509.PolicyInformation)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
Example 8 with DLSequence
use of org.spongycastle.asn1.DLSequence in project signer by demoiselle.
the class BasicCertificate method getAuthorityKeyIdentifier.
/**
* @return the authority key identifier of a certificate
* @throws IOException exception
*/
public String getAuthorityKeyIdentifier() throws IOException {
// TODO - Precisa validar este metodo com a RFC
DLSequence sequence = (DLSequence) getExtensionValue(Extension.authorityKeyIdentifier.getId());
if (sequence == null || sequence.size() == 0) {
return null;
}
DERTaggedObject taggedObject = (DERTaggedObject) sequence.getObjectAt(0);
DEROctetString oct = (DEROctetString) taggedObject.getObject();
return toString(oct.getOctets());
}
Also used :
DLSequence(org.bouncycastle.asn1.DLSequence)
DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
Example 9 with DLSequence
use of org.spongycastle.asn1.DLSequence in project jruby-openssl by jruby.
the class PKeyEC method dsa_sign_asn1.
@JRubyMethod(name = "dsa_sign_asn1")
public IRubyObject dsa_sign_asn1(final ThreadContext context, final IRubyObject data) {
try {
ECNamedCurveParameterSpec params = ECNamedCurveTable.getParameterSpec(getCurveName());
ASN1ObjectIdentifier oid = getCurveOID(getCurveName());
ECNamedDomainParameters domainParams = new ECNamedDomainParameters(oid, params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed());
final ECDSASigner signer = new ECDSASigner();
final ECPrivateKey privKey = (ECPrivateKey) this.privateKey;
signer.init(true, new ECPrivateKeyParameters(privKey.getS(), domainParams));
final byte[] message = data.convertToString().getBytes();
// [r, s]
BigInteger[] signature = signer.generateSignature(message);
// final byte[] r = signature[0].toByteArray();
// final byte[] s = signature[1].toByteArray();
// // ASN.1 encode as: 0x30 len 0x02 rlen (r) 0x02 slen (s)
// final int len = 1 + (1 + r.length) + 1 + (1 + s.length);
//
// final byte[] encoded = new byte[1 + 1 + len]; int i;
// encoded[0] = 0x30;
// encoded[1] = (byte) len;
// encoded[2] = 0x20;
// encoded[3] = (byte) r.length;
// System.arraycopy(r, 0, encoded, i = 4, r.length); i += r.length;
// encoded[i++] = 0x20;
// encoded[i++] = (byte) s.length;
// System.arraycopy(s, 0, encoded, i, s.length);
ByteArrayOutputStream bytes = new ByteArrayOutputStream();
ASN1OutputStream asn1 = new ASN1OutputStream(bytes);
ASN1EncodableVector v = new ASN1EncodableVector();
// r
v.add(new ASN1Integer(signature[0]));
// s
v.add(new ASN1Integer(signature[1]));
asn1.writeObject(new DLSequence(v));
return StringHelper.newString(context.runtime, bytes.buffer(), bytes.size());
} catch (IOException ex) {
throw newECError(context.runtime, ex.toString());
} catch (RuntimeException ex) {
throw newECError(context.runtime, ex.toString());
}
}
Also used :
PKey.readECPrivateKey(org.jruby.ext.openssl.impl.PKey.readECPrivateKey)
ECPrivateKey(java.security.interfaces.ECPrivateKey)
ECDSASigner(org.bouncycastle.crypto.signers.ECDSASigner)
ECNamedDomainParameters(org.bouncycastle.crypto.params.ECNamedDomainParameters)
ByteArrayOutputStream(org.jruby.ext.openssl.util.ByteArrayOutputStream)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
IOException(java.io.IOException)
ASN1OutputStream(org.bouncycastle.asn1.ASN1OutputStream)
ECPrivateKeyParameters(org.bouncycastle.crypto.params.ECPrivateKeyParameters)
DLSequence(org.bouncycastle.asn1.DLSequence)
ECNamedCurveParameterSpec(org.bouncycastle.jce.spec.ECNamedCurveParameterSpec)
BigInteger(java.math.BigInteger)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
JRubyMethod(org.jruby.anno.JRubyMethod)
Example 10 with DLSequence
use of org.spongycastle.asn1.DLSequence in project jruby-openssl by jruby.
the class X509CRL method sign.
@JRubyMethod
public IRubyObject sign(final ThreadContext context, final IRubyObject key, IRubyObject digest) {
final Ruby runtime = context.runtime;
final String signatureAlgorithm = getSignatureAlgorithm(runtime, (PKey) key, (Digest) digest);
final X500Name issuerName = ((X509Name) issuer).getX500Name();
final java.util.Date thisUpdate = getLastUpdate().toDate();
final X509v2CRLBuilder generator = new X509v2CRLBuilder(issuerName, thisUpdate);
final java.util.Date nextUpdate = getNextUpdate().toDate();
generator.setNextUpdate(nextUpdate);
if (revoked != null) {
for (int i = 0; i < revoked.size(); i++) {
final X509Revoked rev = (X509Revoked) revoked.entry(i);
BigInteger serial = new BigInteger(rev.callMethod(context, "serial").toString());
RubyTime t1 = (RubyTime) rev.callMethod(context, "time").callMethod(context, "getutc");
t1.setMicroseconds(0);
final Extensions revExts;
if (rev.hasExtensions()) {
final RubyArray exts = rev.extensions();
final ASN1Encodable[] array = new ASN1Encodable[exts.size()];
for (int j = 0; j < exts.size(); j++) {
final X509Extension ext = (X509Extension) exts.entry(j);
try {
array[j] = ext.toASN1Sequence();
} catch (IOException e) {
throw newCRLError(runtime, e);
}
}
revExts = Extensions.getInstance(new DERSequence(array));
} else {
revExts = null;
}
generator.addCRLEntry(serial, t1.getJavaDate(), revExts);
}
}
try {
for (int i = 0; i < extensions.size(); i++) {
X509Extension ext = (X509Extension) extensions.entry(i);
ASN1Encodable value = ext.getRealValue();
generator.addExtension(ext.getRealObjectID(), ext.isRealCritical(), value);
}
} catch (IOException e) {
throw newCRLError(runtime, e);
}
final PrivateKey privateKey = ((PKey) key).getPrivateKey();
try {
if (avoidJavaSecurity) {
// NOT IMPLEMENTED
} else {
// crl = generator.generate(((PKey) key).getPrivateKey());
}
/*
AlgorithmIdentifier keyAldID = new AlgorithmIdentifier(new ASN1ObjectIdentifier(keyAlg));
AlgorithmIdentifier digAldID = new AlgorithmIdentifier(new ASN1ObjectIdentifier(digAlg));
final BcContentSignerBuilder signerBuilder;
final AsymmetricKeyParameter signerPrivateKey;
if ( isDSA ) {
signerBuilder = new BcDSAContentSignerBuilder(keyAldID, digAldID);
DSAPrivateKey privateKey = (DSAPrivateKey) ((PKey) key).getPrivateKey();
DSAParameters params = new DSAParameters(
privateKey.getParams().getP(),
privateKey.getParams().getQ(),
privateKey.getParams().getG()
);
signerPrivateKey = new DSAPrivateKeyParameters(privateKey.getX(), params);
}
*/
ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey);
this.crlHolder = generator.build(signer);
this.crl = null;
} catch (IllegalStateException e) {
debugStackTrace(e);
throw newCRLError(runtime, e);
} catch (Exception e) {
debugStackTrace(e);
throw newCRLError(runtime, e.getMessage());
}
final ASN1Primitive crlVal = getCRLValue(runtime);
ASN1Sequence v1 = (ASN1Sequence) (((ASN1Sequence) crlVal).getObjectAt(0));
final ASN1EncodableVector build1 = new ASN1EncodableVector();
int copyIndex = 0;
if (v1.getObjectAt(0) instanceof ASN1Integer)
copyIndex++;
build1.add(new ASN1Integer(new BigInteger(version.toString())));
while (copyIndex < v1.size()) {
build1.add(v1.getObjectAt(copyIndex++));
}
final ASN1EncodableVector build2 = new ASN1EncodableVector();
build2.add(new DLSequence(build1));
build2.add(((ASN1Sequence) crlVal).getObjectAt(1));
build2.add(((ASN1Sequence) crlVal).getObjectAt(2));
this.crlValue = new DLSequence(build2);
changed = false;
return this;
}
Also used :
RubyTime(org.jruby.RubyTime)
PrivateKey(java.security.PrivateKey)
RubyArray(org.jruby.RubyArray)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
RubyString(org.jruby.RubyString)
X500Name(org.bouncycastle.asn1.x500.X500Name)
Extensions(org.bouncycastle.asn1.x509.Extensions)
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
X509v2CRLBuilder(org.bouncycastle.cert.X509v2CRLBuilder)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
Ruby(org.jruby.Ruby)
ContentSigner(org.bouncycastle.operator.ContentSigner)
IOException(java.io.IOException)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
RaiseException(org.jruby.exceptions.RaiseException)
GeneralSecurityException(java.security.GeneralSecurityException)
CRLException(java.security.cert.CRLException)
IOException(java.io.IOException)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
DLSequence(org.bouncycastle.asn1.DLSequence)
BigInteger(java.math.BigInteger)
ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
JRubyMethod(org.jruby.anno.JRubyMethod)
Aggregations
DLSequence (org.bouncycastle.asn1.DLSequence)35
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)21
IOException (java.io.IOException)13
DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)13
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)12
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)9
DEROctetString (org.bouncycastle.asn1.DEROctetString)9
ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)8
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)8
DERIA5String (org.bouncycastle.asn1.DERIA5String)6
DERUTF8String (org.bouncycastle.asn1.DERUTF8String)6
BigInteger (java.math.BigInteger)5
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)5
Pair (android.util.Pair)3
BufferedWriter (java.io.BufferedWriter)3
ASN1OutputStream (org.bouncycastle.asn1.ASN1OutputStream)3
JRubyMethod (org.jruby.anno.JRubyMethod)3
ByteArrayOutputStream (org.jruby.ext.openssl.util.ByteArrayOutputStream)3
CertificateEncodingException (java.security.cert.CertificateEncodingException)2
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)2
