use of org.spongycastle.asn1.DLSequence in project jruby-openssl by jruby.
the class X509Utils method checkIfIssuedBy.
/**
* c: X509_check_issued
*/
public static int checkIfIssuedBy(final X509AuxCertificate issuer, final X509AuxCertificate subject) throws IOException {
if (!issuer.getSubjectX500Principal().equals(subject.getIssuerX500Principal())) {
return V_ERR_SUBJECT_ISSUER_MISMATCH;
}
if (subject.getExtensionValue("2.5.29.35") != null) {
// authorityKeyID
// I hate ASN1 and DER
Object key = get(subject.getExtensionValue("2.5.29.35"));
if (!(key instanceof ASN1Sequence))
key = get((DEROctetString) key);
final ASN1Sequence seq = (ASN1Sequence) key;
final AuthorityKeyIdentifier sakid;
if (seq.size() == 1 && (seq.getObjectAt(0) instanceof ASN1OctetString)) {
sakid = AuthorityKeyIdentifier.getInstance(new DLSequence(new DERTaggedObject(0, seq.getObjectAt(0))));
} else {
sakid = AuthorityKeyIdentifier.getInstance(seq);
}
if (sakid.getKeyIdentifier() != null) {
if (issuer.getExtensionValue("2.5.29.14") != null) {
DEROctetString der = (DEROctetString) get(issuer.getExtensionValue("2.5.29.14"));
SubjectKeyIdentifier iskid = SubjectKeyIdentifier.getInstance(get(der.getOctets()));
if (iskid.getKeyIdentifier() != null) {
if (!Arrays.equals(sakid.getKeyIdentifier(), iskid.getKeyIdentifier())) {
return V_ERR_AKID_SKID_MISMATCH;
}
}
}
}
final BigInteger serialNumber = sakid.getAuthorityCertSerialNumber();
if (serialNumber != null && !serialNumber.equals(issuer.getSerialNumber())) {
return V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
}
if (sakid.getAuthorityCertIssuer() != null) {
GeneralName[] gens = sakid.getAuthorityCertIssuer().getNames();
X500Name x500Name = null;
for (int i = 0; i < gens.length; i++) {
if (gens[i].getTagNo() == GeneralName.directoryName) {
ASN1Encodable name = gens[i].getName();
if (name instanceof X500Name) {
x500Name = (X500Name) name;
} else if (name instanceof ASN1Sequence) {
x500Name = X500Name.getInstance((ASN1Sequence) name);
} else {
throw new RuntimeException("unknown name type: " + name);
}
break;
}
}
if (x500Name != null) {
if (!new Name(x500Name).equalTo(issuer.getIssuerX500Principal())) {
return V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
}
}
}
}
final boolean[] keyUsage = issuer.getKeyUsage();
if (subject.getExtensionValue("1.3.6.1.5.5.7.1.14") != null) {
if (keyUsage != null && !keyUsage[0]) {
// KU_DIGITAL_SIGNATURE
return V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
}
} else if (keyUsage != null && !keyUsage[5]) {
// KU_KEY_CERT_SIGN
return V_ERR_KEYUSAGE_NO_CERTSIGN;
}
return V_OK;
}
use of org.spongycastle.asn1.DLSequence in project robovm by robovm.
the class ContentInfo method toASN1Primitive.
/**
* Produce an object suitable for an ASN1OutputStream.
* <pre>
* ContentInfo ::= SEQUENCE {
* contentType ContentType,
* content
* [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
* </pre>
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(contentType);
if (content != null) {
v.add(new BERTaggedObject(true, 0, content));
}
if (isBer) {
return new BERSequence(v);
} else {
return new DLSequence(v);
}
}
use of org.spongycastle.asn1.DLSequence in project aion by aionnetwork.
the class ECDSASignature method decodeFromDER.
public static ECDSASignature decodeFromDER(byte[] bytes) {
ASN1InputStream decoder = null;
try {
decoder = new ASN1InputStream(bytes);
DLSequence seq = (DLSequence) decoder.readObject();
if (seq == null) {
throw new RuntimeException("Reached past end of ASN.1 stream.");
}
ASN1Integer r, s;
try {
r = (ASN1Integer) seq.getObjectAt(0);
s = (ASN1Integer) seq.getObjectAt(1);
} catch (ClassCastException e) {
throw new IllegalArgumentException(e);
}
// http://r6.ca/blog/20111119T211504Z.html
return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue());
} catch (IOException e) {
throw new RuntimeException(e);
} finally {
if (decoder != null) {
try {
decoder.close();
} catch (IOException x) {
}
}
}
}
use of org.spongycastle.asn1.DLSequence in project signer by demoiselle.
the class OIDGeneric method getInstance.
/**
* Instance for OIDGeneric.
*
* @param data
* Set of bytes with the contents of the certificate.
* @return Object GenericOID
* @throws IOException exception of input/output
* @throws Exception general exception
*/
public static OIDGeneric getInstance(byte[] data) throws IOException, Exception {
is = new ASN1InputStream(data);
DLSequence sequence = (DLSequence) is.readObject();
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) sequence.getObjectAt(0);
DERTaggedObject taggedObject = (DERTaggedObject) sequence.getObjectAt(1);
DERTaggedObject taggedObject2 = (DERTaggedObject) taggedObject.getObject();
DEROctetString octet = null;
DERPrintableString print = null;
DERUTF8String utf8 = null;
DERIA5String ia5 = null;
try {
octet = (DEROctetString) taggedObject2.getObject();
} catch (Exception e) {
try {
print = (DERPrintableString) taggedObject2.getObject();
} catch (Exception e1) {
try {
utf8 = (DERUTF8String) taggedObject2.getObject();
} catch (Exception e2) {
ia5 = (DERIA5String) taggedObject2.getObject();
}
}
}
String className = getPackageName() + oid.getId().replaceAll("[.]", "_");
OIDGeneric oidGenerico;
try {
oidGenerico = (OIDGeneric) Class.forName(className).newInstance();
} catch (InstantiationException e) {
throw new Exception(coreMessagesBundle.getString("error.class.instance", className), e);
} catch (IllegalAccessException e) {
throw new Exception(coreMessagesBundle.getString("error.class.illegal.access", className), e);
} catch (ClassNotFoundException e) {
oidGenerico = new OIDGeneric();
}
oidGenerico.oid = oid.getId();
if (octet != null) {
oidGenerico.data = new String(octet.getOctets());
} else {
if (print != null) {
oidGenerico.data = print.getString();
} else {
if (utf8 != null) {
oidGenerico.data = utf8.getString();
} else {
oidGenerico.data = ia5.getString();
}
}
}
oidGenerico.initialize();
return oidGenerico;
}
use of org.spongycastle.asn1.DLSequence in project signer by demoiselle.
the class PolicyIssuerName method parse.
@Override
public void parse(ASN1Primitive primitive) {
if (primitive instanceof DLSequence) {
DLSequence sequence = (DLSequence) primitive;
ASN1Encodable asn1Encodable = sequence.getObjectAt(0);
if (asn1Encodable instanceof DERTaggedObject) {
DERTaggedObject derTaggedObject = (DERTaggedObject) asn1Encodable;
ASN1Primitive object = derTaggedObject.getObject();
if (object instanceof DEROctetString) {
OctetString octetString = new OctetString();
octetString.parse(object);
this.issuerName = octetString.getValueUTF8();
} else if (object instanceof DERSequence) {
DERSequence sequence2 = (DERSequence) object;
for (int i = 0; i < sequence2.size(); i++) {
ASN1Encodable obj = sequence2.getObjectAt(i);
if (obj instanceof DERSet) {
DERSet set = (DERSet) obj;
ASN1Encodable object2 = set.getObjectAt(0);
if (object2 instanceof DERSequence) {
DERSequence sequence3 = (DERSequence) object2;
ObjectIdentifier objectIdendifier = new ObjectIdentifier();
objectIdendifier.parse(sequence3.getObjectAt(0).toASN1Primitive());
String name = null;
ASN1Encodable object3 = sequence3.getObjectAt(1);
if (object3 instanceof DERPrintableString) {
name = ((DERPrintableString) object3).getString();
} else if (object3 instanceof DERUTF8String) {
name = ((DERUTF8String) object3).getString();
} else {
System.out.println(policyMessagesBundle.getString("error.not.recognized.object", object3.getClass(), object3.toString()));
}
if (this.issuerNames == null) {
this.issuerNames = new HashMap<ObjectIdentifier, String>();
}
this.issuerNames.put(objectIdendifier, name);
}
}
}
}
}
}
}
Aggregations