/**
   * generate an X509 certificate, based on the current issuer and subject, using the passed in
   * provider for the signing and the supplied source of randomness, if required.
   */
  public X509AttributeCertificate generate(PrivateKey key, String provider, SecureRandom random)
      throws CertificateEncodingException, IllegalStateException, NoSuchProviderException,
          NoSuchAlgorithmException, SignatureException, InvalidKeyException {
    if (!extGenerator.isEmpty()) {
      acInfoGen.setExtensions(extGenerator.generate());
    }

    AttributeCertificateInfo acInfo = acInfoGen.generateAttributeCertificateInfo();

    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(acInfo);
    v.add(sigAlgId);

    try {
      v.add(
          new DERBitString(
              X509Util.calculateSignature(
                  sigOID, signatureAlgorithm, provider, key, random, acInfo)));

      return new X509V2AttributeCertificate(new AttributeCertificate(new DERSequence(v)));
    } catch (IOException e) {
      throw new ExtCertificateEncodingException("constructed invalid certificate", e);
    }
  }
Esempio n. 2
0
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(salt);
    v.add(iterations);

    return new DERSequence(v);
  }
Esempio n. 3
0
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(new DERInteger(0));
    v.add(data);

    return new BERSequence(v);
  }
Esempio n. 4
0
  /**
   * Implementation of the method <code>toASN1Object</code> as required by the superclass <code>
   * ASN1Encodable</code>.
   *
   * <pre>
   * RoleSyntax ::= SEQUENCE {
   *                 roleAuthority  [0] GeneralNames OPTIONAL,
   *                 roleName       [1] GeneralName
   *           }
   * </pre>
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();
    if (this.roleAuthority != null) {
      v.add(new DERTaggedObject(false, 0, roleAuthority));
    }
    v.add(new DERTaggedObject(true, 1, roleName));

    return new DERSequence(v);
  }
Esempio n. 5
0
  /**
   *
   *
   * <pre>
   * PKIMessage ::= SEQUENCE {
   *                  header           PKIHeader,
   *                  body             PKIBody,
   *                  protection   [0] PKIProtection OPTIONAL,
   *                  extraCerts   [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
   *                                                                     OPTIONAL
   * }
   * </pre>
   *
   * @return a basic ASN.1 object representation.
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(header);
    v.add(body);

    addOptional(v, 0, protection);
    addOptional(v, 1, extraCerts);

    return new DERSequence(v);
  }
  /**
   * Produce an object suitable for an ASN1OutputStream.
   *
   * <pre>
   * EncryptedContentInfo ::= SEQUENCE {
   *     contentType ContentType,
   *     contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
   *     encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
   * }
   * </pre>
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(contentType);
    v.add(contentEncryptionAlgorithm);

    if (encryptedContent != null) {
      v.add(new BERTaggedObject(false, 0, encryptedContent));
    }

    return new BERSequence(v);
  }
Esempio n. 7
0
  public EncryptedData(
      DERObjectIdentifier contentType,
      AlgorithmIdentifier encryptionAlgorithm,
      DEREncodable content) {
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(contentType);
    v.add(encryptionAlgorithm.getDERObject());
    v.add(new BERTaggedObject(false, 0, content));

    data = new BERSequence(v);
  }
Esempio n. 8
0
  /**
   * Produce an object suitable for an ASN1OutputStream.
   *
   * <p>Returns:
   *
   * <p>
   *
   * <pre>
   *       CertificatePair ::= SEQUENCE {
   *         forward        [0]    Certificate OPTIONAL,
   *         reverse        [1]    Certificate OPTIONAL,
   *         -- at least one of the pair shall be present -- }
   * </pre>
   *
   * @return a DERObject
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector vec = new ASN1EncodableVector();

    if (forward != null) {
      vec.add(new DERTaggedObject(0, forward));
    }
    if (reverse != null) {
      vec.add(new DERTaggedObject(1, reverse));
    }

    return new DERSequence(vec);
  }
Esempio n. 9
0
 /**
  * Creates a new PKIMessage.
  *
  * @param header message header
  * @param body message body
  * @param protection message protection (may be null)
  * @param extraCerts extra certificates (may be null)
  */
 public PKIMessage(
     PKIHeader header, PKIBody body, DERBitString protection, CMPCertificate[] extraCerts) {
   this.header = header;
   this.body = body;
   this.protection = protection;
   if (extraCerts != null) {
     ASN1EncodableVector v = new ASN1EncodableVector();
     for (int i = 0; i < extraCerts.length; i++) {
       v.add(extraCerts[i]);
     }
     this.extraCerts = new DERSequence(v);
   }
 }
  /**
   * Produce an object suitable for an ASN1OutputStream.
   *
   * <p>Returns:
   *
   * <p>
   *
   * <pre>
   *               ProcurationSyntax ::= SEQUENCE {
   *                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
   *                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
   *                 signingFor [3] EXPLICIT SigningFor
   *               }
   *
   *               SigningFor ::= CHOICE
   *               {
   *                 thirdPerson GeneralName,
   *                 certRef IssuerSerial
   *               }
   * </pre>
   *
   * @return a DERObject
   */
  public DERObject toASN1Object() {
    ASN1EncodableVector vec = new ASN1EncodableVector();
    if (country != null) {
      vec.add(new DERTaggedObject(true, 1, new DERPrintableString(country, true)));
    }
    if (typeOfSubstitution != null) {
      vec.add(new DERTaggedObject(true, 2, typeOfSubstitution));
    }
    if (thirdPerson != null) {
      vec.add(new DERTaggedObject(true, 3, thirdPerson));
    } else {
      vec.add(new DERTaggedObject(true, 3, certRef));
    }

    return new DERSequence(vec);
  }
Esempio n. 11
0
 /**
  * Constructor from given details.
  *
  * <p><code>professionItems</code> is mandatory, all other parameters are optional.
  *
  * @param namingAuthority The naming authority.
  * @param professionItems Directory strings of the profession.
  * @param professionOIDs DERObjectIdentfier objects for the profession.
  * @param registrationNumber Registration number.
  * @param addProfessionInfo Additional infos in encoded form.
  */
 public ProfessionInfo(
     NamingAuthority namingAuthority,
     DirectoryString[] professionItems,
     DERObjectIdentifier[] professionOIDs,
     String registrationNumber,
     ASN1OctetString addProfessionInfo) {
   this.namingAuthority = namingAuthority;
   ASN1EncodableVector v = new ASN1EncodableVector();
   for (int i = 0; i != professionItems.length; i++) {
     v.add(professionItems[i]);
   }
   this.professionItems = new DERSequence(v);
   if (professionOIDs != null) {
     v = new ASN1EncodableVector();
     for (int i = 0; i != professionOIDs.length; i++) {
       v.add(professionOIDs[i]);
     }
     this.professionOIDs = new DERSequence(v);
   }
   this.registrationNumber = registrationNumber;
   this.addProfessionInfo = addProfessionInfo;
 }
Esempio n. 12
0
 /**
  * Produce an object suitable for an ASN1OutputStream.
  *
  * <p>Returns:
  *
  * <p>
  *
  * <pre>
  *               ProfessionInfo ::= SEQUENCE
  *               {
  *                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
  *                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
  *                 professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
  *                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
  *                 addProfessionInfo OCTET STRING OPTIONAL
  *               }
  * </pre>
  *
  * @return a DERObject
  */
 public DERObject toASN1Object() {
   ASN1EncodableVector vec = new ASN1EncodableVector();
   if (namingAuthority != null) {
     vec.add(new DERTaggedObject(true, 0, namingAuthority));
   }
   vec.add(professionItems);
   if (professionOIDs != null) {
     vec.add(professionOIDs);
   }
   if (registrationNumber != null) {
     vec.add(new DERPrintableString(registrationNumber, true));
   }
   if (addProfessionInfo != null) {
     vec.add(addProfessionInfo);
   }
   return new DERSequence(vec);
 }
Esempio n. 13
0
  public int generateBytes(byte[] out, int outOff, int len)
      throws DataLengthException, IllegalArgumentException {
    if ((out.length - len) < outOff) {
      throw new DataLengthException("output buffer too small");
    }

    long oBytes = len;
    int outLen = digest.getDigestSize();

    //
    // this is at odds with the standard implementation, the
    // maximum value should be hBits * (2^32 - 1) where hBits
    // is the digest output size in bits. We can't have an
    // array with a long index at the moment...
    //
    if (oBytes > ((2L << 32) - 1)) {
      throw new IllegalArgumentException("Output length too large");
    }

    int cThreshold = (int) ((oBytes + outLen - 1) / outLen);

    byte[] dig = new byte[digest.getDigestSize()];

    int counter = 1;

    for (int i = 0; i < cThreshold; i++) {
      digest.update(z, 0, z.length);

      // OtherInfo
      ASN1EncodableVector v1 = new ASN1EncodableVector();
      // KeySpecificInfo
      ASN1EncodableVector v2 = new ASN1EncodableVector();

      v2.add(algorithm);
      v2.add(new DEROctetString(integerToBytes(counter)));

      v1.add(new DERSequence(v2));

      if (partyAInfo != null) {
        v1.add(new DERTaggedObject(true, 0, new DEROctetString(partyAInfo)));
      }

      v1.add(new DERTaggedObject(true, 2, new DEROctetString(integerToBytes(keySize))));

      byte[] other = new DERSequence(v1).getDEREncoded();

      digest.update(other, 0, other.length);

      digest.doFinal(dig, 0);

      if (len > outLen) {
        System.arraycopy(dig, 0, out, outOff, outLen);
        outOff += outLen;
        len -= outLen;
      } else {
        System.arraycopy(dig, 0, out, outOff, len);
      }

      counter++;
    }

    digest.reset();

    return len;
  }
Esempio n. 14
0
 private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj) {
   if (obj != null) {
     v.add(new DERTaggedObject(true, tagNo, obj));
   }
 }