public DERObject toASN1Object() {
    ASN1EncodableVector accessDescription = new ASN1EncodableVector();

    accessDescription.add(accessMethod);
    accessDescription.add(accessLocation);

    return new DERSequence(accessDescription);
  }
  /**
   * Produce an object suitable for an ASN1OutputStream.
   *
   * <pre>
   * RecipientEncryptedKey ::= SEQUENCE {
   *     rid KeyAgreeRecipientIdentifier,
   *     encryptedKey EncryptedKey
   * }
   * </pre>
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(identifier);
    v.add(encryptedKey);

    return new DERSequence(v);
  }
Beispiel #3
0
  /**
   *
   *
   * <pre>
   * TimeStampResp ::= SEQUENCE  {
   *   status                  PKIStatusInfo,
   *   timeStampToken          TimeStampToken     OPTIONAL  }
   * </pre>
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(pkiStatusInfo);
    if (timeStampToken != null) {
      v.add(timeStampToken);
    }

    return new DERSequence(v);
  }
  /**
   * Produce an object suitable for an ASN1OutputStream.
   *
   * <pre>
   * KeyAgreeRecipientInfo ::= SEQUENCE {
   *     version CMSVersion,  -- always set to 3
   *     originator [0] EXPLICIT OriginatorIdentifierOrKey,
   *     ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
   *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
   *     recipientEncryptedKeys RecipientEncryptedKeys
   * }
   *
   * UserKeyingMaterial ::= OCTET STRING
   * </pre>
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(version);
    v.add(new DERTaggedObject(true, 0, originator));

    if (ukm != null) {
      v.add(new DERTaggedObject(true, 1, ukm));
    }

    v.add(keyEncryptionAlgorithm);
    v.add(recipientEncryptedKeys);

    return new DERSequence(v);
  }
Beispiel #5
0
  /**
   * Produce an object suitable for an ASN1OutputStream.
   *
   * <pre>
   * CrlID ::= SEQUENCE {
   *     crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
   *     crlNum               [1]     EXPLICIT INTEGER OPTIONAL,
   *     crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
   * </pre>
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    if (crlUrl != null) {
      v.add(new DERTaggedObject(true, 0, crlUrl));
    }

    if (crlNum != null) {
      v.add(new DERTaggedObject(true, 1, crlNum));
    }

    if (crlTime != null) {
      v.add(new DERTaggedObject(true, 2, crlTime));
    }

    return new DERSequence(v);
  }
Beispiel #6
0
  /**
   *
   *
   * <pre>
   * CertReqMsg ::= SEQUENCE {
   *                    certReq   CertRequest,
   *                    pop       ProofOfPossession  OPTIONAL,
   *                    -- content depends upon key type
   *                    regInfo   SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL }
   * </pre>
   *
   * @return a basic ASN.1 object representation.
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(certReq);

    addOptional(v, popo);
    addOptional(v, regInfo);

    return new DERSequence(v);
  }
Beispiel #7
0
 private void addOptional(ASN1EncodableVector v, ASN1Encodable obj) {
   if (obj != null) {
     v.add(obj);
   }
 }
  private BasicOCSPResp generateResponse(
      String signatureName,
      PrivateKey key,
      X509Certificate[] chain,
      Date producedAt,
      String provider,
      SecureRandom random)
      throws OCSPException, NoSuchProviderException {
    Iterator it = list.iterator();
    DERObjectIdentifier signingAlgorithm;

    try {
      signingAlgorithm = OCSPUtil.getAlgorithmOID(signatureName);
    } catch (Exception e) {
      throw new IllegalArgumentException("unknown signing algorithm specified");
    }

    ASN1EncodableVector responses = new ASN1EncodableVector();

    while (it.hasNext()) {
      try {
        responses.add(((ResponseObject) it.next()).toResponse());
      } catch (Exception e) {
        throw new OCSPException("exception creating Request", e);
      }
    }

    ResponseData tbsResp =
        new ResponseData(
            responderID.toASN1Object(),
            new DERGeneralizedTime(producedAt),
            new DERSequence(responses),
            responseExtensions);

    Signature sig = null;

    try {
      sig = OCSPUtil.createSignatureInstance(signatureName, provider);
      if (random != null) {
        sig.initSign(key, random);
      } else {
        sig.initSign(key);
      }
    } catch (NoSuchProviderException e) {
      // TODO Why this special case?
      throw e;
    } catch (GeneralSecurityException e) {
      throw new OCSPException("exception creating signature: " + e, e);
    }

    DERBitString bitSig = null;

    try {
      sig.update(tbsResp.getEncoded(ASN1Encodable.DER));

      bitSig = new DERBitString(sig.sign());
    } catch (Exception e) {
      throw new OCSPException("exception processing TBSRequest: " + e, e);
    }

    AlgorithmIdentifier sigAlgId = OCSPUtil.getSigAlgID(signingAlgorithm);

    DERSequence chainSeq = null;
    if (chain != null && chain.length > 0) {
      ASN1EncodableVector v = new ASN1EncodableVector();
      try {
        for (int i = 0; i != chain.length; i++) {
          v.add(
              new X509CertificateStructure(
                  (ASN1Sequence) ASN1Object.fromByteArray(chain[i].getEncoded())));
        }
      } catch (IOException e) {
        throw new OCSPException("error processing certs", e);
      } catch (CertificateEncodingException e) {
        throw new OCSPException("error encoding certs", e);
      }

      chainSeq = new DERSequence(v);
    }

    return new BasicOCSPResp(new BasicOCSPResponse(tbsResp, sigAlgId, bitSig, chainSeq));
  }