
Example 16 with DLSequence

use of org.spongycastle.asn1.DLSequence in project jruby-openssl by jruby.

the class X509Utils method checkIfIssuedBy.

/**
 * Checks whether {@code issuer} is a plausible issuer of {@code subject}
 * (c: X509_check_issued).
 *
 * <p>The checks are, in order: the issuer's subject name against the subject's
 * issuer name; the subject's authorityKeyIdentifier extension (when present)
 * against the issuer's subjectKeyIdentifier, serial number and issuer name; and
 * the issuer's key usage bits. No signature is verified here, so a {@code V_OK}
 * result only means the two certificates are consistent with each other, not
 * that {@code subject} was actually signed by {@code issuer}.
 *
 * @param issuer  candidate issuing certificate
 * @param subject certificate whose issuer is being looked for
 * @return {@code V_OK} when every applicable check passes, otherwise the
 *         {@code V_ERR_*} code of the first check that fails
 * @throws IOException declared for the extension decoding done through {@code get(...)}
 */
public static int checkIfIssuedBy(final X509AuxCertificate issuer, final X509AuxCertificate subject) throws IOException {
    if (!issuer.getSubjectX500Principal().equals(subject.getIssuerX500Principal())) {
        return V_ERR_SUBJECT_ISSUER_MISMATCH;
    }
    if (subject.getExtensionValue("2.5.29.35") != null) {
        // 2.5.29.35 = authorityKeyIdentifier (AKID) of the subject certificate.
        // The extension value may still be wrapped in an OCTET STRING, hence the second get().
        // NOTE(review): the casts below are unchecked; an extension that decodes to some other
        // ASN.1 type would surface as a ClassCastException rather than a V_ERR_* code. The
        // behaviour of get(...) is not visible here - confirm how callers treat that case.
        Object key = get(subject.getExtensionValue("2.5.29.35"));
        if (!(key instanceof ASN1Sequence))
            key = get((DEROctetString) key);
        final ASN1Sequence seq = (ASN1Sequence) key;
        final AuthorityKeyIdentifier sakid;
        if (seq.size() == 1 && (seq.getObjectAt(0) instanceof ASN1OctetString)) {
            // A lone untagged OCTET STRING is re-wrapped under tag [0] so that it parses as the keyIdentifier field.
            sakid = AuthorityKeyIdentifier.getInstance(new DLSequence(new DERTaggedObject(0, seq.getObjectAt(0))));
        } else {
            sakid = AuthorityKeyIdentifier.getInstance(seq);
        }
        // Key identifier: compared only when the subject's AKID carries one AND the issuer has a
        // subjectKeyIdentifier (2.5.29.14) with a value; otherwise this check is skipped.
        if (sakid.getKeyIdentifier() != null) {
            if (issuer.getExtensionValue("2.5.29.14") != null) {
                DEROctetString der = (DEROctetString) get(issuer.getExtensionValue("2.5.29.14"));
                SubjectKeyIdentifier iskid = SubjectKeyIdentifier.getInstance(get(der.getOctets()));
                if (iskid.getKeyIdentifier() != null) {
                    if (!Arrays.equals(sakid.getKeyIdentifier(), iskid.getKeyIdentifier())) {
                        return V_ERR_AKID_SKID_MISMATCH;
                    }
                }
            }
        }
        // Serial number named in the AKID must equal the issuer certificate's own serial number.
        final BigInteger serialNumber = sakid.getAuthorityCertSerialNumber();
        if (serialNumber != null && !serialNumber.equals(issuer.getSerialNumber())) {
            return V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
        }
        if (sakid.getAuthorityCertIssuer() != null) {
            GeneralName[] gens = sakid.getAuthorityCertIssuer().getNames();
            X500Name x500Name = null;
            // Only the first directoryName entry is considered; other GeneralName kinds are ignored.
            for (int i = 0; i < gens.length; i++) {
                if (gens[i].getTagNo() == GeneralName.directoryName) {
                    ASN1Encodable name = gens[i].getName();
                    if (name instanceof X500Name) {
                        x500Name = (X500Name) name;
                    } else if (name instanceof ASN1Sequence) {
                        x500Name = X500Name.getInstance((ASN1Sequence) name);
                    } else {
                        throw new RuntimeException("unknown name type: " + name);
                    }
                    break;
                }
            }
            if (x500Name != null) {
                // The AKID's authorityCertIssuer is matched against the ISSUER name of the issuer
                // certificate (i.e. who issued the issuer); a mismatch reuses the serial-mismatch code.
                if (!new Name(x500Name).equalTo(issuer.getIssuerX500Principal())) {
                    return V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
                }
            }
        }
    }
    // Key usage: when the issuer has no keyUsage extension (null array) neither branch rejects.
    final boolean[] keyUsage = issuer.getKeyUsage();
    // 1.3.6.1.5.5.7.1.14 = proxyCertInfo; for a subject carrying it the issuer needs
    // digitalSignature instead of keyCertSign.
    if (subject.getExtensionValue("1.3.6.1.5.5.7.1.14") != null) {
        if (keyUsage != null && !keyUsage[0]) {
            // KU_DIGITAL_SIGNATURE
            return V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
        }
    } else if (keyUsage != null && !keyUsage[5]) {
        // KU_KEY_CERT_SIGN
        return V_ERR_KEYUSAGE_NO_CERTSIGN;
    }
    return V_OK;
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) AuthorityKeyIdentifier(org.bouncycastle.asn1.x509.AuthorityKeyIdentifier) SubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectKeyIdentifier) X500Name(org.bouncycastle.asn1.x500.X500Name) DEROctetString(org.bouncycastle.asn1.DEROctetString) GeneralName(org.bouncycastle.asn1.x509.GeneralName) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DLSequence(org.bouncycastle.asn1.DLSequence) BigInteger(java.math.BigInteger) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)

Example 17 with DLSequence

use of org.spongycastle.asn1.DLSequence in project robovm by robovm.

the class ContentInfo method toASN1Primitive.

/**
 * Builds the ASN.1 object that an ASN1OutputStream can write for this value.
 * <pre>
 * ContentInfo ::= SEQUENCE {
 *          contentType ContentType,
 *          content
 *          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
 * </pre>
 *
 * @return a BER sequence when {@code isBer} is set, otherwise a DL sequence
 */
public ASN1Primitive toASN1Primitive() {
    final ASN1EncodableVector elements = new ASN1EncodableVector();
    elements.add(contentType);

    // content is OPTIONAL; when present it is wrapped in an explicit [0] tag.
    if (content != null) {
        elements.add(new BERTaggedObject(true, 0, content));
    }

    // Keep the encoding family (BER vs. definite-length) recorded in isBer.
    return isBer ? new BERSequence(elements) : new DLSequence(elements);
}
Also used : DLSequence(org.bouncycastle.asn1.DLSequence) BERSequence(org.bouncycastle.asn1.BERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) BERTaggedObject(org.bouncycastle.asn1.BERTaggedObject)

Example 18 with DLSequence

use of org.spongycastle.asn1.DLSequence in project aion by aionnetwork.

the class ECDSASignature method decodeFromDER.

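/**
 * Decodes a DER-encoded ECDSA signature: an ASN.1 SEQUENCE whose first two
 * elements are the INTEGERs {@code r} and {@code s}.
 *
 * <p>Signature bytes usually come from outside the process, so every structural
 * problem is reported as an {@link IllegalArgumentException} instead of leaking
 * a {@code ClassCastException} or an index error from the ASN.1 library.
 *
 * @param bytes the encoded signature
 * @return the signature built from the positive values of {@code r} and {@code s}
 * @throws IllegalArgumentException if the top-level object is not a sequence, has
 *         fewer than two elements, or its first two elements are not integers
 * @throws RuntimeException if the input holds no ASN.1 object or cannot be read
 */
public static ECDSASignature decodeFromDER(byte[] bytes) {
    // try-with-resources closes the decoder on every path.
    try (ASN1InputStream decoder = new ASN1InputStream(bytes)) {
        final Object decoded = decoder.readObject();
        if (decoded == null) {
            throw new RuntimeException("Reached past end of ASN.1 stream.");
        }
        // Check the type before casting so a non-sequence input is a clean argument error.
        if (!(decoded instanceof DLSequence)) {
            throw new IllegalArgumentException(
                    "Expected an ASN.1 sequence but got " + decoded.getClass().getName());
        }
        final DLSequence seq = (DLSequence) decoded;
        if (seq.size() < 2) {
            throw new IllegalArgumentException(
                    "Expected two integers in the signature sequence but got " + seq.size());
        }
        final ASN1Integer r;
        final ASN1Integer s;
        try {
            r = (ASN1Integer) seq.getObjectAt(0);
            s = (ASN1Integer) seq.getObjectAt(1);
        } catch (ClassCastException e) {
            throw new IllegalArgumentException(e);
        }
        // NOTE(review): elements after s, and bytes after the sequence, are still accepted
        // as before, so several encodings map to one signature. Rejecting them would change
        // which inputs are valid - decide that at the caller/protocol level.
        // http://r6.ca/blog/20111119T211504Z.html
        return new ECDSASignature(r.getPositiveValue(), s.getPositiveValue());
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}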
Also used : ASN1InputStream(org.spongycastle.asn1.ASN1InputStream) DLSequence(org.spongycastle.asn1.DLSequence) ASN1Integer(org.spongycastle.asn1.ASN1Integer) IOException(java.io.IOException)

Example 19 with DLSequence

use of org.spongycastle.asn1.DLSequence in project signer by demoiselle.

the class OIDGeneric method getInstance.

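/**
 * Builds an {@link OIDGeneric} (or a more specific subclass) from an encoded
 * structure holding an object identifier followed by a doubly tagged value.
 *
 * <p>The value may be an OCTET STRING, PrintableString, UTF8String or IA5String;
 * its text becomes the {@code data} of the returned object. The concrete class is
 * looked up by name from the OID (dots replaced by underscores) under the package
 * returned by {@code getPackageName()}; when no such class exists a plain
 * {@code OIDGeneric} is used.
 *
 * @param data
 *            Set of bytes with the contents of the certificate.
 * @return Object GenericOID
 * @throws IOException exception of input/output
 * @throws Exception general exception; also raised when the class chosen for the
 *             OID cannot be instantiated or accessed
 */
public static OIDGeneric getInstance(byte[] data) throws IOException, Exception {
    // NOTE(review): 'is' is declared outside this method, is overwritten on every call and
    // is not closed here - confirm nothing else depends on it and whether calls can overlap.
    is = new ASN1InputStream(data);
    // NOTE(review): the casts below are unchecked, so input with a different shape fails with
    // a ClassCastException or NullPointerException rather than a descriptive error.
    DLSequence sequence = (DLSequence) is.readObject();
    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) sequence.getObjectAt(0);
    DERTaggedObject taggedObject = (DERTaggedObject) sequence.getObjectAt(1);
    DERTaggedObject taggedObject2 = (DERTaggedObject) taggedObject.getObject();

    // Pick the string flavour with type tests instead of catching failed casts.
    final Object value = taggedObject2.getObject();
    DEROctetString octet = null;
    DERPrintableString print = null;
    DERUTF8String utf8 = null;
    DERIA5String ia5 = null;
    if (value instanceof DEROctetString) {
        octet = (DEROctetString) value;
    } else if (value instanceof DERPrintableString) {
        print = (DERPrintableString) value;
    } else if (value instanceof DERUTF8String) {
        utf8 = (DERUTF8String) value;
    } else {
        // Last supported type; anything else still fails on this cast, as before.
        ia5 = (DERIA5String) value;
    }

    // NOTE(review): the class to instantiate is selected by the OID found in the input.
    // The lookup is confined to the package from getPackageName(); confirm that package
    // holds only OIDGeneric subclasses, because newInstance() runs the constructor before
    // the cast to OIDGeneric is checked.
    String className = getPackageName() + oid.getId().replaceAll("[.]", "_");
    OIDGeneric oidGenerico;
    try {
        oidGenerico = (OIDGeneric) Class.forName(className).newInstance();
    } catch (InstantiationException e) {
        throw new Exception(coreMessagesBundle.getString("error.class.instance", className), e);
    } catch (IllegalAccessException e) {
        throw new Exception(coreMessagesBundle.getString("error.class.illegal.access", className), e);
    } catch (ClassNotFoundException e) {
        // No dedicated class for this OID: fall back to the generic holder.
        oidGenerico = new OIDGeneric();
    }
    oidGenerico.oid = oid.getId();
    if (octet != null) {
        // NOTE(review): decodes with the platform default charset - confirm the intended encoding.
        oidGenerico.data = new String(octet.getOctets());
    } else if (print != null) {
        oidGenerico.data = print.getString();
    } else if (utf8 != null) {
        oidGenerico.data = utf8.getString();
    } else {
        oidGenerico.data = ia5.getString();
    }
    oidGenerico.initialize();
    return oidGenerico;
}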
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DEROctetString(org.bouncycastle.asn1.DEROctetString) IOException(java.io.IOException) DERIA5String(org.bouncycastle.asn1.DERIA5String) DLSequence(org.bouncycastle.asn1.DLSequence) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 20 with DLSequence

use of org.spongycastle.asn1.DLSequence in project signer by demoiselle.

the class PolicyIssuerName method parse.

/**
 * Reads the issuer name out of {@code primitive}.
 *
 * <p>Only a DLSequence whose first element is a DERTaggedObject is handled; any
 * other shape is ignored without error. A tagged OCTET STRING sets
 * {@code issuerName}; a tagged DERSequence is walked entry by entry and each
 * recognised set contributes one identifier/name pair to {@code issuerNames}.
 *
 * @param primitive the ASN.1 object to read
 */
@Override
public void parse(ASN1Primitive primitive) {
    if (!(primitive instanceof DLSequence)) {
        return;
    }
    ASN1Encodable first = ((DLSequence) primitive).getObjectAt(0);
    if (!(first instanceof DERTaggedObject)) {
        return;
    }
    ASN1Primitive inner = ((DERTaggedObject) first).getObject();

    // Simple form: the name is carried as a single octet string.
    if (inner instanceof DEROctetString) {
        OctetString octets = new OctetString();
        octets.parse(inner);
        this.issuerName = octets.getValueUTF8();
        return;
    }
    if (!(inner instanceof DERSequence)) {
        return;
    }

    // Structured form: one set per entry, each holding an identifier/value sequence.
    DERSequence entries = (DERSequence) inner;
    for (int idx = 0; idx < entries.size(); idx++) {
        ASN1Encodable entry = entries.getObjectAt(idx);
        if (!(entry instanceof DERSet)) {
            continue;
        }
        ASN1Encodable member = ((DERSet) entry).getObjectAt(0);
        if (!(member instanceof DERSequence)) {
            continue;
        }
        DERSequence pair = (DERSequence) member;
        ObjectIdentifier identifier = new ObjectIdentifier();
        identifier.parse(pair.getObjectAt(0).toASN1Primitive());

        ASN1Encodable rawValue = pair.getObjectAt(1);
        String name = null;
        if (rawValue instanceof DERPrintableString) {
            name = ((DERPrintableString) rawValue).getString();
        } else if (rawValue instanceof DERUTF8String) {
            name = ((DERUTF8String) rawValue).getString();
        } else {
            // Unrecognised value type: report it; the identifier is still stored with a null name.
            System.out.println(policyMessagesBundle.getString("error.not.recognized.object", rawValue.getClass(), rawValue.toString()));
        }

        // The map is created lazily on the first entry.
        if (this.issuerNames == null) {
            this.issuerNames = new HashMap<ObjectIdentifier, String>();
        }
        this.issuerNames.put(identifier, name);
    }
}
Also used : DEROctetString(org.bouncycastle.asn1.DEROctetString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) HashMap(java.util.HashMap) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERSet(org.bouncycastle.asn1.DERSet) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERSequence(org.bouncycastle.asn1.DERSequence) DLSequence(org.bouncycastle.asn1.DLSequence) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
