/**
 * Creates response data from a legacy {@link X509Extensions} value.
 *
 * <p>The extensions are converted with {@code Extensions.getInstance} and the call is forwarded to
 * the {@link Extensions}-based constructor with {@code V1} as the version.
 *
 * @deprecated use the constructor taking {@link Extensions}
 * @param responderID responder identifier, passed through unchanged
 * @param producedAt production time, passed through unchanged
 * @param responses sequence of responses, passed through unchanged
 * @param responseExtensions legacy extensions object to convert
 */
public ResponseData(
    ResponderID responderID,
    DERGeneralizedTime producedAt,
    ASN1Sequence responses,
    X509Extensions responseExtensions) {
    // NOTE(review): whether a null responseExtensions is accepted depends on
    // Extensions.getInstance, which is not visible here - confirm before relying on it.
    this(V1, responderID, producedAt, responses, Extensions.getInstance(responseExtensions));
}
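/**
 * Decodes a ResponseData from its ASN.1 sequence form.
 *
 * <p>Layout read here, in order: an optional version carried in an explicit tag [0], then
 * responderID, producedAt, responses, and an optional trailing explicitly tagged extensions
 * element. When no [0] tag leads the sequence the version is set to {@code V1} and
 * {@code versionPresent} is left untouched.
 *
 * <p>The sequence may be attacker-supplied (presumably a decoded responder message), so the
 * element count and the element types are checked before use. A malformed structure is reported
 * as {@link IllegalArgumentException} rather than surfacing as a ClassCastException or an index
 * error from deeper in the call.
 *
 * @param seq the sequence to decode
 * @throws IllegalArgumentException if a mandatory element is missing or an element has an
 *     unexpected type
 */
private ResponseData(ASN1Sequence seq) {
    // responderID, producedAt and responses are always required.
    if (seq.size() < 3) {
        throw new IllegalArgumentException("Bad sequence size: " + seq.size());
    }

    int index = 0;
    Object first = seq.getObjectAt(0);

    if (first instanceof ASN1TaggedObject && ((ASN1TaggedObject) first).getTagNo() == 0) {
        this.versionPresent = true;
        this.version = ASN1Integer.getInstance((ASN1TaggedObject) first, true);
        index++;
    } else {
        // A leading tagged object with another tag number is left for ResponderID to decode.
        this.version = V1;
    }

    // With an explicit version in front, one more element is needed.
    if (seq.size() < index + 3) {
        throw new IllegalArgumentException("Bad sequence size: " + seq.size());
    }

    this.responderID = ResponderID.getInstance(seq.getObjectAt(index++));

    Object time = seq.getObjectAt(index++);
    if (!(time instanceof DERGeneralizedTime)) {
        throw new IllegalArgumentException("producedAt is not a GeneralizedTime");
    }
    this.producedAt = (DERGeneralizedTime) time;

    Object responseList = seq.getObjectAt(index++);
    if (!(responseList instanceof ASN1Sequence)) {
        throw new IllegalArgumentException("responses is not a sequence");
    }
    this.responses = (ASN1Sequence) responseList;

    if (seq.size() > index) {
        Object tagged = seq.getObjectAt(index);
        if (!(tagged instanceof ASN1TaggedObject)) {
            throw new IllegalArgumentException("responseExtensions is not a tagged object");
        }
        // NOTE(review): the tag number of this element is not checked and any elements after it
        // are ignored, as before - confirm whether stricter parsing is wanted.
        this.responseExtensions = Extensions.getInstance((ASN1TaggedObject) tagged, true);
    }
}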
/**
 * Finds the extension registered under the given OID.
 *
 * <p>A null result only means "not present". Callers that enforce a policy based on an
 * extension must handle null explicitly.
 *
 * @param oid the OID of the extension of interest.
 * @return the extension if present, null otherwise (including when no extensions are held).
 */
public Extension getExtension(ASN1ObjectIdentifier oid) {
    return (extensions == null) ? null : extensions.getExtension(oid);
}
/**
 * Parse a {@link OCSPStatusRequest} from an {@link InputStream}.
 *
 * <p>Two length-prefixed fields are read in order. The first is a responder ID list whose entries
 * are each length-prefixed and decoded with {@code TlsUtils.readDERObject}. The second is the
 * request extensions, decoded the same way. A zero length leaves the list empty or the extensions
 * null, respectively. Both lengths come from {@code TlsUtils.readUint16}, so each buffer allocated
 * here is bounded by that prefix.
 *
 * @param input the {@link InputStream} to parse from.
 * @return a {@link OCSPStatusRequest} object.
 * @throws IOException if reading or decoding fails.
 */
public static OCSPStatusRequest parse(InputStream input) throws IOException {
    Vector responderIDList = new Vector();

    int responderIDListLength = TlsUtils.readUint16(input);
    if (responderIDListLength > 0) {
        // Read the whole list first so entry parsing can never run past the declared length.
        ByteArrayInputStream listStream =
            new ByteArrayInputStream(TlsUtils.readFully(responderIDListLength, input));
        do {
            byte[] encodedID = TlsUtils.readOpaque16(listStream);
            responderIDList.addElement(ResponderID.getInstance(TlsUtils.readDERObject(encodedID)));
        } while (listStream.available() > 0);
    }

    Extensions requestExtensions = null;

    int extensionsLength = TlsUtils.readUint16(input);
    if (extensionsLength > 0) {
        byte[] encodedExtensions = TlsUtils.readFully(extensionsLength, input);
        requestExtensions = Extensions.getInstance(TlsUtils.readDERObject(encodedExtensions));
    }

    return new OCSPStatusRequest(responderIDList, requestExtensions);
}
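/**
 * Returns the encoded extnValue of the CRL extension identified by the given OID.
 *
 * @param oid the extension OID as a string, passed to the {@code ASN1ObjectIdentifier}
 *     constructor.
 * @return the encoding of the extension's extnValue, or null when the CRL has no extensions or
 *     none with this OID.
 * @throws IllegalStateException if the extension value cannot be encoded; the underlying
 *     exception is attached as the cause.
 */
public byte[] getExtensionValue(String oid) {
    Extensions exts = c.getTBSCertList().getExtensions();
    if (exts == null) {
        return null;
    }

    Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
    if (ext == null) {
        return null;
    }

    try {
        return ext.getExtnValue().getEncoded();
    } catch (Exception e) {
        // Keep the original exception as the cause so the failure can be diagnosed from the
        // stack trace and not only from the flattened message.
        throw new IllegalStateException("error parsing " + e.toString(), e);
    }
}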
/**
 * Collects the OID strings of the CRL extensions whose critical flag equals {@code critical}.
 *
 * <p>Callers that check for unhandled critical extensions should note the two "nothing" results:
 * null (version is not 2, or no extensions) and an empty set (extensions exist but none match).
 *
 * @param critical the critical flag value to select on.
 * @return the matching OIDs as strings, or null when {@code getVersion()} is not 2 or the CRL
 *     has no extensions.
 */
private Set getExtensionOIDs(boolean critical) {
    if (this.getVersion() != 2) {
        return null;
    }

    Extensions extensions = c.getTBSCertList().getExtensions();
    if (extensions == null) {
        return null;
    }

    Set matching = new HashSet();
    for (Enumeration oids = extensions.oids(); oids.hasMoreElements();) {
        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) oids.nextElement();
        if (extensions.getExtension(oid).isCritical() == critical) {
            matching.add(oid.getId());
        }
    }
    return matching;
}
/**
 * Encode this {@link OCSPStatusRequest} to an {@link OutputStream}.
 *
 * <p>The responder ID list is written first, then the request extensions. Each is preceded by a
 * length written with {@code TlsUtils.writeUint16}. An absent or empty value is written as a
 * zero length. Both lengths are passed through {@code TlsUtils.checkUint16} before anything is
 * written for that field.
 *
 * @param output the {@link OutputStream} to encode to.
 * @throws IOException if encoding or writing fails.
 */
public void encode(OutputStream output) throws IOException {
    boolean hasResponderIDs = responderIDList != null && !responderIDList.isEmpty();
    if (hasResponderIDs) {
        // Serialise into a scratch buffer first: the total length must precede the entries.
        ByteArrayOutputStream listBuffer = new ByteArrayOutputStream();
        for (int i = 0; i < responderIDList.size(); ++i) {
            ResponderID entry = (ResponderID) responderIDList.elementAt(i);
            TlsUtils.writeOpaque16(entry.getEncoded(ASN1Encoding.DER), listBuffer);
        }
        int listLength = listBuffer.size();
        TlsUtils.checkUint16(listLength);
        TlsUtils.writeUint16(listLength, output);
        listBuffer.writeTo(output);
    } else {
        TlsUtils.writeUint16(0, output);
    }

    if (requestExtensions != null) {
        byte[] encodedExtensions = requestExtensions.getEncoded(ASN1Encoding.DER);
        TlsUtils.checkUint16(encodedExtensions.length);
        TlsUtils.writeUint16(encodedExtensions.length, output);
        output.write(encodedExtensions);
    } else {
        TlsUtils.writeUint16(0, output);
    }
}
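/**
 * Returns a string representation of this CRL.
 *
 * <p>The output lists version, issuer, update times, signature algorithm, the signature as hex in
 * rows of up to 20 bytes, each extension with its critical flag, and finally every entry returned
 * by {@code getRevokedCertificates()}. Extensions whose value cannot be decoded are printed as
 * {@code *****} instead of failing the whole call.
 *
 * <p>A signature shorter than 20 bytes is printed as-is. Earlier this method always asked for 20
 * bytes on the first row, so a short (for example malformed) signature made it throw.
 *
 * <p>The text is built from the CRL's own content, so treat it as unsanitised when the CRL comes
 * from an untrusted source (for example before writing it to a log).
 *
 * @return a string representation of this CRL.
 */
public String toString() {
    StringBuffer buf = new StringBuffer();
    String nl = System.getProperty("line.separator");

    buf.append(" Version: ").append(this.getVersion()).append(nl);
    buf.append(" IssuerDN: ").append(this.getIssuerDN()).append(nl);
    buf.append(" This update: ").append(this.getThisUpdate()).append(nl);
    buf.append(" Next update: ").append(this.getNextUpdate()).append(nl);
    buf.append(" Signature Algorithm: ").append(this.getSigAlgName()).append(nl);

    byte[] sig = this.getSignature();

    // First row: clamp to the available bytes so a short signature cannot overrun the array.
    buf.append(" Signature: ")
        .append(new String(Hex.encode(sig, 0, Math.min(20, sig.length))))
        .append(nl);
    // Remaining rows: 20 bytes each, the last row takes whatever is left.
    for (int i = 20; i < sig.length; i += 20) {
        buf.append(" ")
            .append(new String(Hex.encode(sig, i, Math.min(20, sig.length - i))))
            .append(nl);
    }

    Extensions extensions = c.getTBSCertList().getExtensions();

    if (extensions != null) {
        Enumeration e = extensions.oids();

        if (e.hasMoreElements()) {
            buf.append(" Extensions: ").append(nl);
        }

        while (e.hasMoreElements()) {
            ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
            Extension ext = extensions.getExtension(oid);

            if (ext.getExtnValue() != null) {
                byte[] octs = ext.getExtnValue().getOctets();
                ASN1InputStream dIn = new ASN1InputStream(octs);
                buf.append(" critical(").append(ext.isCritical()).append(") ");
                try {
                    if (oid.equals(Extension.cRLNumber)) {
                        buf.append(
                                new CRLNumber(
                                    ASN1Integer.getInstance(dIn.readObject()).getPositiveValue()))
                            .append(nl);
                    } else if (oid.equals(Extension.deltaCRLIndicator)) {
                        buf.append(
                                "Base CRL: "
                                    + new CRLNumber(
                                        ASN1Integer.getInstance(dIn.readObject())
                                            .getPositiveValue()))
                            .append(nl);
                    } else if (oid.equals(Extension.issuingDistributionPoint)) {
                        buf.append(IssuingDistributionPoint.getInstance(dIn.readObject()))
                            .append(nl);
                    } else if (oid.equals(Extension.cRLDistributionPoints)) {
                        buf.append(CRLDistPoint.getInstance(dIn.readObject())).append(nl);
                    } else if (oid.equals(Extension.freshestCRL)) {
                        buf.append(CRLDistPoint.getInstance(dIn.readObject())).append(nl);
                    } else {
                        // Unknown extension: print the OID and a generic dump of its value.
                        buf.append(oid.getId());
                        buf.append(" value = ")
                            .append(ASN1Dump.dumpAsString(dIn.readObject()))
                            .append(nl);
                    }
                } catch (Exception ex) {
                    // Deliberate best effort: an undecodable value must not break toString().
                    buf.append(oid.getId());
                    buf.append(" value = ").append("*****").append(nl);
                }
            } else {
                buf.append(nl);
            }
        }
    }

    Set set = getRevokedCertificates();
    if (set != null) {
        Iterator it = set.iterator();
        while (it.hasNext()) {
            buf.append(it.next());
            buf.append(nl);
        }
    }

    return buf.toString();
}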
/**
 * Generate a TimeStampToken for the passed in request and serialNumber, marking it with the
 * passed in genTime.
 *
 * <p>Values taken directly from the request: the message imprint (algorithm OID and digest), the
 * nonce when present, the requested policy when present (it replaces the generator's
 * {@code tsaPolicyOID}), and the request extensions, which are copied into the response.
 * Certificates and attribute certificates are attached only when the request asks for them; CRLs
 * and other revocation info are always added.
 *
 * <p>NOTE(review): nothing in this method checks the requested policy, digest algorithm or
 * extensions against what the TSA is willing to sign - presumably the caller validates the
 * request first; confirm.
 *
 * @param request the originating request.
 * @param serialNumber serial number for the TimeStampToken
 * @param genTime token generation time.
 * @param additionalExtensions extra extensions to be added to the response token; may be null.
 * @return a TimeStampToken
 * @throws TSPException if the signed data cannot be generated or the TSTInfo cannot be encoded.
 */
public TimeStampToken generate(
    TimeStampRequest request,
    BigInteger serialNumber,
    Date genTime,
    Extensions additionalExtensions)
    throws TSPException {
    ASN1ObjectIdentifier digestAlgOID = request.getMessageImprintAlgOID();
    MessageImprint messageImprint =
        new MessageImprint(
            new AlgorithmIdentifier(digestAlgOID, DERNull.INSTANCE),
            request.getMessageImprintDigest());

    // Accuracy is only emitted when at least one component is positive; zero components stay null.
    Accuracy accuracy = null;
    if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0) {
        ASN1Integer seconds = (accuracySeconds > 0) ? new ASN1Integer(accuracySeconds) : null;
        ASN1Integer millis = (accuracyMillis > 0) ? new ASN1Integer(accuracyMillis) : null;
        ASN1Integer micros = (accuracyMicros > 0) ? new ASN1Integer(accuracyMicros) : null;
        accuracy = new Accuracy(seconds, millis, micros);
    }

    // The ordering flag is left out entirely unless it is set.
    ASN1Boolean derOrdering = ordering ? ASN1Boolean.getInstance(ordering) : null;

    // Echo the request nonce so the requester can match the response to its request.
    ASN1Integer nonce =
        (request.getNonce() != null) ? new ASN1Integer(request.getNonce()) : null;

    // A policy named in the request takes precedence over the configured default.
    ASN1ObjectIdentifier tsaPolicy =
        (request.getReqPolicy() != null) ? request.getReqPolicy() : tsaPolicyOID;

    Extensions respExtensions = request.getExtensions();
    if (additionalExtensions != null) {
        // Merge: request extensions first, then the caller-supplied ones.
        ExtensionsGenerator extGen = new ExtensionsGenerator();

        if (respExtensions != null) {
            Enumeration requested = respExtensions.oids();
            while (requested.hasMoreElements()) {
                ASN1ObjectIdentifier oid =
                    ASN1ObjectIdentifier.getInstance(requested.nextElement());
                extGen.addExtension(respExtensions.getExtension(oid));
            }
        }

        Enumeration additional = additionalExtensions.oids();
        while (additional.hasMoreElements()) {
            ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(additional.nextElement());
            extGen.addExtension(additionalExtensions.getExtension(oid));
        }

        respExtensions = extGen.generate();
    }

    TSTInfo tstInfo =
        new TSTInfo(
            tsaPolicy,
            messageImprint,
            new ASN1Integer(serialNumber),
            new ASN1GeneralizedTime(genTime),
            accuracy,
            derOrdering,
            nonce,
            tsa,
            respExtensions);

    try {
        CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();

        if (request.getCertReq()) {
            // TODO: do we need to check certs non-empty?
            signedDataGenerator.addCertificates(new CollectionStore(certs));
            signedDataGenerator.addAttributeCertificates(new CollectionStore(attrCerts));
        }

        signedDataGenerator.addCRLs(new CollectionStore(crls));

        if (!otherRevoc.isEmpty()) {
            Iterator formats = otherRevoc.keySet().iterator();
            while (formats.hasNext()) {
                ASN1ObjectIdentifier format = (ASN1ObjectIdentifier) formats.next();
                signedDataGenerator.addOtherRevocationInfo(
                    format, new CollectionStore((Collection) otherRevoc.get(format)));
            }
        }

        signedDataGenerator.addSignerInfoGenerator(signerInfoGen);

        // The DER encoding of the TSTInfo is what gets signed and encapsulated.
        byte[] derEncodedTSTInfo = tstInfo.getEncoded(ASN1Encoding.DER);
        CMSProcessableByteArray content =
            new CMSProcessableByteArray(PKCSObjectIdentifiers.id_ct_TSTInfo, derEncodedTSTInfo);

        return new TimeStampToken(signedDataGenerator.generate(content, true));
    } catch (CMSException cmsEx) {
        throw new TSPException("Error generating time-stamp token", cmsEx);
    } catch (IOException e) {
        throw new TSPException("Exception encoding info", e);
    }
}