use of sun.security.util.ObjectIdentifier in project jdk8u_jdk by JetBrains.
the class GSSContextImpl method initSecContext.
/**
 * Runs one step of initiator-side context establishment over streams.
 *
 * <p>On the first call (no mechanism context yet) the credential and target
 * name elements for {@code mechOid} are resolved, the mechanism context is
 * created and configured with the requested flags, and the state moves to
 * {@code IN_PROGRESS}. On later calls the incoming token's GSS header is
 * parsed and its mechanism OID is compared with the one chosen on the first
 * call, unless the provider is "SunNativeGSS" or the mechanism is SPNEGO.
 *
 * @param inStream  stream the incoming token (and, where parsed, its GSS
 *                  header) is read from
 * @param outStream stream the optional GSS header and the output token are
 *                  written to
 * @return the length of the output token plus the value returned by
 *         {@code GSSHeader.encode} when a header is written; 0 when the
 *         mechanism produced no token
 * @throws GSSException FAILURE when called outside the IN_PROGRESS state,
 *         DEFECTIVE_TOKEN when the header names another mechanism or an
 *         I/O error occurs, or whatever the credential, name or mechanism
 *         layers raise
 */
public int initSecContext(InputStream inStream, OutputStream outStream) throws GSSException {
    // A context that already exists may only be driven while it is still
    // being established.
    boolean contextExists = (mechCtxt != null);
    if (contextExists && currentState != IN_PROGRESS) {
        throw new GSSExceptionImpl(GSSException.FAILURE, "Illegal call to initSecContext");
    }

    int mechTokenLen = -1;      // stays -1 when no GSS header is parsed
    boolean isFirstToken = false;

    try {
        if (mechCtxt == null) {
            GSSCredentialSpi initiatorCred = null;
            if (myCred != null) {
                try {
                    initiatorCred = myCred.getElement(mechOid, true);
                } catch (GSSException ge) {
                    // Only a missing SPNEGO credential is tolerated: fall
                    // back to the first mechanism the credential lists.
                    boolean spnegoWithoutCred = GSSUtil.isSpNegoMech(mechOid)
                            && ge.getMajor() == GSSException.NO_CRED;
                    if (!spnegoWithoutCred) {
                        throw ge;
                    }
                    initiatorCred = myCred.getElement(myCred.getMechs()[0], true);
                }
            }

            GSSNameSpi targetElement = targName.getElement(mechOid);
            mechCtxt = gssManager.getMechanismContext(targetElement, initiatorCred, reqLifetime, mechOid);

            // Forward every requested option to the new mechanism context.
            mechCtxt.requestConf(reqConfState);
            mechCtxt.requestInteg(reqIntegState);
            mechCtxt.requestCredDeleg(reqCredDelegState);
            mechCtxt.requestMutualAuth(reqMutualAuthState);
            mechCtxt.requestReplayDet(reqReplayDetState);
            mechCtxt.requestSequenceDet(reqSequenceDetState);
            mechCtxt.requestAnonymity(reqAnonState);
            mechCtxt.setChannelBinding(channelBindings);
            mechCtxt.requestDelegPolicy(reqDelegPolicyState);

            // Remember the mechanism OID; later tokens are checked against it.
            objId = new ObjectIdentifier(mechOid.toString());
            currentState = IN_PROGRESS;
            isFirstToken = true;
        } else if (!mechCtxt.getProvider().getName().equals("SunNativeGSS")
                && !GSSUtil.isSpNegoMech(mechOid)) {
            // The GSS header is parsed here for every provider except the
            // native one and for every mechanism except SPNEGO.
            GSSHeader inHeader = new GSSHeader(inStream);
            // The cast keeps the call bound to equals(Object), as in the
            // original code.
            if (!inHeader.getOid().equals((Object) objId)) {
                throw new GSSExceptionImpl(GSSException.DEFECTIVE_TOKEN, "Mechanism not equal to " + mechOid.toString() + " in initSecContext token");
            }
            mechTokenLen = inHeader.getMechTokenLength();
        }

        byte[] outToken = mechCtxt.initSecContext(inStream, mechTokenLen);
        int written = 0;
        if (outToken != null) {
            written = outToken.length;
            // A header is added unless the provider is native; for SPNEGO
            // only the first token gets one.
            if (!mechCtxt.getProvider().getName().equals("SunNativeGSS")
                    && (isFirstToken || !GSSUtil.isSpNegoMech(mechOid))) {
                GSSHeader outHeader = new GSSHeader(objId, outToken.length);
                written += outHeader.encode(outStream);
            }
            outStream.write(outToken);
        }

        if (mechCtxt.isEstablished()) {
            currentState = READY;
        }
        return written;
    } catch (IOException e) {
        // NOTE(review): only the message is carried over; the IOException
        // itself is not attached as the cause.
        throw new GSSExceptionImpl(GSSException.DEFECTIVE_TOKEN, e.getMessage());
    }
}
use of sun.security.util.ObjectIdentifier in project jdk8u_jdk by JetBrains.
the class GSSNameImpl method export.
/**
 * Produces the flat (exported) form of this name. The layout is the one
 * defined in RFC 2743:
 *<pre>
 * Length        Name          Description
 * 2             TOK_ID        Token Identifier
 *                             For exported name objects, this
 *                             must be hex 04 01.
 * 2             MECH_OID_LEN  Length of the Mechanism OID
 * MECH_OID_LEN  MECH_OID      Mechanism OID, in DER
 * 4             NAME_LEN      Length of name
 * NAME_LEN      NAME          Exported name; format defined in
 *                             applicable mechanism draft.
 *</pre>
 *
 * The name does not have to be canonicalized (an MN) before this call.
 * When no mechanism element has been selected yet, the element for
 * {@code ProviderList.DEFAULT_MECH_OID} is looked up, stored in
 * {@code mechElement} and used for the export.
 *
 * @return the flat name representation for this object
 * @throws GSSException with major code FAILURE when the mechanism OID
 *         cannot be parsed or DER-encoded; the element lookup and the
 *         mechanism element's own export may raise others (the original
 *         documentation lists NAME_NOT_MN and BAD_NAME)
 */
public byte[] export() throws GSSException {
    if (mechElement == null) {
        /* Use default mech */
        mechElement = getElement(ProviderList.DEFAULT_MECH_OID);
    }

    // Mechanism-specific part of the name (the NAME field).
    final byte[] nameBytes = mechElement.export();

    ObjectIdentifier derOid;
    try {
        derOid = new ObjectIdentifier(mechElement.getMechanism().toString());
    } catch (IOException e) {
        throw new GSSExceptionImpl(GSSException.FAILURE, "Invalid OID String ");
    }

    DerOutputStream encoder = new DerOutputStream();
    try {
        encoder.putOID(derOid);
    } catch (IOException e) {
        throw new GSSExceptionImpl(GSSException.FAILURE, "Could not ASN.1 Encode " + derOid.toString());
    }
    final byte[] oidBytes = encoder.toByteArray();

    final int oidLen = oidBytes.length;
    final int nameLen = nameBytes.length;
    final byte[] token = new byte[2 + 2 + oidLen + 4 + nameLen];

    // TOK_ID
    token[0] = 0x04;
    token[1] = 0x01;

    // MECH_OID_LEN, two bytes, most significant first
    token[2] = (byte) (oidLen >>> 8);
    token[3] = (byte) oidLen;

    // MECH_OID
    System.arraycopy(oidBytes, 0, token, 4, oidLen);

    // NAME_LEN, four bytes, most significant first
    final int lenAt = 4 + oidLen;
    token[lenAt] = (byte) (nameLen >>> 24);
    token[lenAt + 1] = (byte) (nameLen >>> 16);
    token[lenAt + 2] = (byte) (nameLen >>> 8);
    token[lenAt + 3] = (byte) nameLen;

    // NAME
    System.arraycopy(nameBytes, 0, token, lenAt + 4, nameLen);
    return token;
}
use of sun.security.util.ObjectIdentifier in project jdk8u_jdk by JetBrains.
the class PKCS9Attributes method getAttributes.
/**
 * Collects the attributes of this set in the order of
 * {@code PKCS9Attribute.PKCS9_OIDS}.
 *
 * <p>The result has {@code attributes.size()} slots. Only OIDs from index 1
 * of {@code PKCS9_OIDS} onward are looked up, so slots stay {@code null}
 * if the set holds fewer matches than its size.
 *
 * @return the attributes found, in OID-table order
 */
public PKCS9Attribute[] getAttributes() {
    final PKCS9Attribute[] ordered = new PKCS9Attribute[attributes.size()];
    int filled = 0;
    int oidIndex = 1; // index 0 of the table is never consulted
    while (oidIndex < PKCS9Attribute.PKCS9_OIDS.length && filled < ordered.length) {
        PKCS9Attribute found = getAttribute(PKCS9Attribute.PKCS9_OIDS[oidIndex]);
        ordered[filled] = found;
        if (found != null) {
            filled++;
        }
        oidIndex++;
    }
    return ordered;
}
use of sun.security.util.ObjectIdentifier in project jdk8u_jdk by JetBrains.
the class PKCS9Attributes method decode.
/**
 * Decodes this set of PKCS9 attributes from the contents of its DER
 * encoding and stores each attribute under its OID.
 *
 * <p>An attribute whose OID is already present is rejected, and so is one
 * missing from {@code permittedAttributes} when that table is set. An
 * attribute that fails with a {@code ParsingException} is skipped only
 * when {@code ignoreUnsupportedAttributes} is set; the supplied encoding
 * is then no longer returned and a fresh one is generated instead.
 *
 * @param in
 *            the contents of the DER encoding of the attribute set.
 * @return the supplied encoding with its first byte set to the SET OF tag,
 *         or the result of {@code generateDerEncoding()} when at least one
 *         attribute was skipped
 *
 * @exception IOException
 *                on i/o error, encoding syntax error, unacceptable or
 *                unsupported attribute, or duplicate attribute.
 */
private byte[] decode(DerInputStream in) throws IOException {
    DerValue outer = in.getDerValue();

    // Keep the DER encoding, with the tag byte replaced by SET OF.
    byte[] derEncoding = outer.toByteArray();
    derEncoding[0] = DerValue.tag_SetOf;

    DerValue[] members = new DerInputStream(derEncoding).getSet(3, true);

    boolean encodingStillValid = true;
    for (DerValue member : members) {
        PKCS9Attribute parsed;
        try {
            parsed = new PKCS9Attribute(member);
        } catch (ParsingException e) {
            if (!ignoreUnsupportedAttributes) {
                throw e;
            }
            // A skipped member means the saved bytes no longer match the
            // attributes actually held, so they cannot be reused.
            encodingStillValid = false;
            continue;
        }

        ObjectIdentifier oid = parsed.getOID();

        // Each OID may appear only once in the set.
        if (attributes.get(oid) != null) {
            throw new IOException("Duplicate PKCS9 attribute: " + oid);
        }

        // When a permitted table is configured it acts as an allow-list.
        if (permittedAttributes != null && !permittedAttributes.containsKey(oid)) {
            throw new IOException("Attribute " + oid + " not permitted in this attribute set");
        }

        attributes.put(oid, parsed);
    }

    if (encodingStillValid) {
        return derEncoding;
    }
    return generateDerEncoding();
}
use of sun.security.util.ObjectIdentifier in project jdk8u_jdk by JetBrains.
the class GSSNameElement method export.
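/**
 * Returns the mechanism-specific portion of the name exported by the
 * native stub.
 *
 * <p>The stub's result is expected to start with the token id 04 01,
 * followed by a 2-byte OID length, the DER-encoded mechanism OID, a 4-byte
 * name length and the name itself. The header and OID are stripped because
 * GSSNameImpl adds them again. Both length fields are checked against the
 * size of the returned buffer before they are used, so a truncated or
 * inconsistent buffer is reported as BAD_NAME instead of surfacing as an
 * unchecked array-index or allocation failure.
 *
 * @return the name bytes that follow the 4-byte name length
 * @throws GSSException with major code BAD_NAME when the buffer is missing
 *         or too short, the token id is wrong, the OID cannot be parsed,
 *         or a length field does not fit the buffer
 */
public byte[] export() throws GSSException {
    byte[] nameVal = cStub.exportName(pName);

    // Token id and OID length need four bytes; reject anything shorter
    // before indexing into the buffer.
    if (nameVal == null || nameVal.length < 4) {
        throw new GSSException(GSSException.BAD_NAME);
    }

    // Need to strip off the mech Oid portion of the exported
    // bytes since GSSNameImpl class will subsequently add it.
    int pos = 0;
    if ((nameVal[pos++] != 0x04) || (nameVal[pos++] != 0x01))
        throw new GSSException(GSSException.BAD_NAME);

    int mechOidLen = (((0xFF & nameVal[pos++]) << 8) | (0xFF & nameVal[pos++]));

    // The OID must be followed by the 4-byte name length, so both have to
    // fit in what is left of the buffer.
    if (mechOidLen > nameVal.length - pos - 4) {
        throw new GSSException(GSSException.BAD_NAME);
    }

    ObjectIdentifier temp = null;
    try {
        DerInputStream din = new DerInputStream(nameVal, pos, mechOidLen);
        temp = new ObjectIdentifier(din);
    } catch (IOException e) {
        throw new GSSExceptionImpl(GSSException.BAD_NAME, e);
    }
    Oid mech2 = new Oid(temp.toString());
    // NOTE(review): this comparison runs only when assertions are enabled
    // (-ea); otherwise a mechanism mismatch is not detected here.
    assert (mech2.equals(getMechanism()));
    pos += mechOidLen;

    int mechPortionLen = (((0xFF & nameVal[pos++]) << 24)
            | ((0xFF & nameVal[pos++]) << 16)
            | ((0xFF & nameVal[pos++]) << 8)
            | (0xFF & nameVal[pos++]));

    // Reject a negative length and one that claims more bytes than remain,
    // before allocating a buffer of that size.
    if (mechPortionLen < 0 || mechPortionLen > nameVal.length - pos) {
        throw new GSSException(GSSException.BAD_NAME);
    }

    byte[] mechPortion = new byte[mechPortionLen];
    System.arraycopy(nameVal, pos, mechPortion, 0, mechPortionLen);
    return mechPortion;
}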