Exemplo n.º 1
0
  /**
   * Returns the SubjectKeyIdentifier extension value on String format.<br>
   * Otherwise, returns <b>null</b>.<br>
   *
   * @return String
   */
  public String getSubjectKeyIdentifier() throws IOException {
    // TODO - Precisa validar este metodo com a RFC
    DEROctetString oct =
        (DEROctetString) getExtensionValue(X509Extensions.SubjectKeyIdentifier.getId());
    if (oct == null) {
      return null;
    }

    return toString(oct.getOctets());
  }
Exemplo n.º 2
0
  public void testKEKDESede() throws Exception {
    tryKekAlgorithm(
        CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"));

    DEROctetString iv = new DEROctetString(Hex.decode("0001020304050607"));
    tryKekAlgorithm(
        CMSTestUtil.makeDesede192Key(),
        new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"),
        iv.getEncoded());
  }
Exemplo n.º 3
0
  /**
   * Returns the AuthorityKeyIdentifier extension value on String format.<br>
   * Otherwise, returns <b>null</b>.<br>
   *
   * @return String
   * @throws IOException
   */
  public String getAuthorityKeyIdentifier() throws IOException {
    // TODO - Precisa validar este metodo com a RFC
    DERSequence seq =
        (DERSequence) getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
    if (seq == null || seq.size() == 0) {
      return null;
    }
    DERTaggedObject tag = (DERTaggedObject) seq.getObjectAt(0);
    DEROctetString oct = (DEROctetString) DEROctetString.getInstance(tag);

    return toString(oct.getOctets());
  }
Exemplo n.º 4
0
 public void fromByteArray(byte[] encodedData) {
   ASN1InputStream asn1in = new ASN1InputStream(encodedData);
   try {
     to = (DERTaggedObject) asn1in.readObject();
     asn1in.close();
   } catch (IOException e) {
     // TODO Auto-generated catch block
     e.printStackTrace();
   }
   DEROctetString ocs = (DEROctetString) to.getObject();
   data = ocs.getOctets();
 }
 private byte[] getAuthorityKeyId(X509Certificate cert) throws IOException {
   byte[] extvalue = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
   if (extvalue == null) {
     return null;
   }
   DEROctetString oct =
       (DEROctetString) (new ASN1InputStream(new ByteArrayInputStream(extvalue)).readObject());
   AuthorityKeyIdentifier keyId =
       new AuthorityKeyIdentifier(
           (ASN1Sequence)
               new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())).readObject());
   return keyId.getKeyIdentifier();
 }
Exemplo n.º 6
0
 /**
  * Returns the DERObject for the informed OID<br>
  * atraves do OID.<br>
  *
  * @param oid
  * @return DERObject
  * @see DERObject
  */
 @SuppressWarnings("resource")
 public ASN1Object getExtensionValue(String oid) {
   byte[] extvalue = certificate.getExtensionValue(oid);
   if (extvalue == null) {
     return null;
   }
   try {
     DEROctetString oct = (DEROctetString) (new ASN1InputStream(extvalue).readObject());
     return (new ASN1InputStream(oct.getOctets()).readObject());
   } catch (IOException e) {
     e.printStackTrace();
   }
   return null;
 }
Exemplo n.º 7
0
  public SignerInfo(ASN1Sequence seq) {
    Enumeration e = seq.getObjects();

    version = (DERInteger) e.nextElement();
    issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(e.nextElement());
    digAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());

    Object obj = e.nextElement();

    if (obj instanceof ASN1TaggedObject) {
      authenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject) obj, false);

      digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
    } else {
      authenticatedAttributes = null;
      digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(obj);
    }

    encryptedDigest = DEROctetString.getInstance(e.nextElement());

    if (e.hasMoreElements()) {
      unauthenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject) e.nextElement(), false);
    } else {
      unauthenticatedAttributes = null;
    }
  }
Exemplo n.º 8
0
  /**
   * This method returns the {@code ASN1Sequence} encapsulated in {@code DEROctetString}. The {@code
   * DEROctetString} is represented as {@code byte} array.
   *
   * @param bytes {@code byte} representation of {@code DEROctetString}
   * @return encapsulated {@code ASN1Sequence}
   * @throws DSSException in case of a decoding problem
   */
  public static ASN1Sequence getAsn1SequenceFromDerOctetString(byte[] bytes) throws DSSException {

    ASN1InputStream input = null;
    try {

      input = new ASN1InputStream(bytes);
      final DEROctetString s = (DEROctetString) input.readObject();
      final byte[] content = s.getOctets();
      input.close();
      input = new ASN1InputStream(content);
      final ASN1Sequence seq = (ASN1Sequence) input.readObject();
      return seq;
    } catch (IOException e) {
      throw new DSSException("Error when converting byte array to ASN1Sequence!", e);
    } finally {
      DSSUtils.closeQuietly(input);
    }
  }
Exemplo n.º 9
0
  BCGOST3410PublicKey(SubjectPublicKeyInfo info) {
    GOST3410PublicKeyAlgParameters params =
        new GOST3410PublicKeyAlgParameters((ASN1Sequence) info.getAlgorithmId().getParameters());
    DEROctetString derY;

    try {
      derY = (DEROctetString) info.parsePublicKey();

      byte[] keyEnc = derY.getOctets();
      byte[] keyBytes = new byte[keyEnc.length];

      for (int i = 0; i != keyEnc.length; i++) {
        keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // was little endian
      }

      this.y = new BigInteger(1, keyBytes);
    } catch (IOException e) {
      throw new IllegalArgumentException("invalid info structure in GOST3410 public key");
    }

    this.gost3410Spec = GOST3410ParameterSpec.fromPublicKeyAlg(params);
  }
Exemplo n.º 10
0
  @Override
  protected Object doExecute() throws Exception {
    Set<String> caNames = caClient.getCaNames();
    if (isEmpty(caNames)) {
      throw new IllegalCmdParamException("no CA is configured");
    }

    if (caName != null && !caNames.contains(caName)) {
      throw new IllegalCmdParamException(
          "CA " + caName + " is not within the configured CAs " + caNames);
    }

    if (caName == null) {
      if (caNames.size() == 1) {
        caName = caNames.iterator().next();
      } else {
        throw new IllegalCmdParamException(
            "no caname is specified, one of " + caNames + " is required");
      }
    }

    X509CRL crl = null;
    try {
      crl = retrieveCRL(caName);
    } catch (PKIErrorException e) {
      throw new CmdFailure("received no CRL from server: " + e.getMessage());
    }

    if (crl == null) {
      throw new CmdFailure("received no CRL from server");
    }

    saveVerbose("saved CRL to file", new File(outFile), crl.getEncoded());

    if (withBaseCRL.booleanValue()) {
      byte[] octetString = crl.getExtensionValue(Extension.deltaCRLIndicator.getId());
      if (octetString != null) {
        if (baseCRLOut == null) {
          baseCRLOut = outFile + "-baseCRL";
        }

        byte[] extnValue = DEROctetString.getInstance(octetString).getOctets();
        BigInteger baseCrlNumber = ASN1Integer.getInstance(extnValue).getPositiveValue();

        RequestResponseDebug debug = getRequestResponseDebug();
        try {
          crl = caClient.downloadCRL(caName, baseCrlNumber, debug);
        } catch (PKIErrorException e) {
          throw new CmdFailure("received no baseCRL from server: " + e.getMessage());
        } finally {
          saveRequestResponse(debug);
        }

        if (crl == null) {
          throw new CmdFailure("received no baseCRL from server");
        } else {
          saveVerbose("saved baseCRL to file", new File(baseCRLOut), crl.getEncoded());
        }
      }
    }

    return null;
  } // method doExecute
Exemplo n.º 11
0
  /**
   * This method checks if a given {@code DEROctetString} is null.
   *
   * @param derOctetString
   * @return
   */
  public static boolean isDEROctetStringNull(final DEROctetString derOctetString) {

    final byte[] derOctetStringBytes = derOctetString.getOctets();
    final ASN1Primitive asn1Null = DSSASN1Utils.toASN1Primitive(derOctetStringBytes);
    return DERNull.INSTANCE.equals(asn1Null);
  }