Пример #1
0
  public VomsAttributeCertificateInfo(final ASN1Sequence seq) throws ProblemException {

    super(seq);

    ASN1Sequence attributes = getAttributes();

    for (int i = 0; i < attributes.size(); i++) {

      ASN1Sequence attribute = (ASN1Sequence) attributes.getObjectAt(i);
      DERObjectIdentifier id = (DERObjectIdentifier) attribute.getObjectAt(0);

      if (VomsCredentialInfo.VOMS_ATTR_OID.equals(id.getId())) {

        DERSet set = (DERSet) attribute.getObjectAt(1);

        for (int j = 0; j < set.size(); j++) {

          IetfAttrSyntax attr = new IetfAttrSyntax((ASN1Sequence) set.getObjectAt(j));
          ASN1Sequence paSeq = (ASN1Sequence) attr.getPolicyAuthority().getDERObject();
          GeneralName paGName = GeneralName.getInstance(paSeq.getObjectAt(0));
          String paString = ((DERIA5String) paGName.getName()).getString();

          int sep = paString.indexOf("://"); // $NON-NLS-1$
          if (sep != -1) {
            this.voNames.add(paString.substring(0, sep));
          }

          for (Object attrValue : attr.getValues()) {
            String fqanString = new String(((ASN1OctetString) attrValue).getOctets());
            this.fqans.add(FullyQualifiedAttributeName.getFqan(fqanString));
          }
        }
      }
    }
  }
Пример #2
0
  /**
   * Constructor from ASN1Sequence
   *
   * <p>the principal will be a list of constructed sets, each containing an (OID, String) pair.
   */
  public X509Name(ASN1Sequence seq) {
    this.seq = seq;

    Enumeration e = seq.getObjects();

    while (e.hasMoreElements()) {
      ASN1Set set = ASN1Set.getInstance(e.nextElement());

      for (int i = 0; i < set.size(); i++) {
        ASN1Sequence s = ASN1Sequence.getInstance(set.getObjectAt(i));

        if (s.size() != 2) {
          throw new IllegalArgumentException("badly sized pair");
        }

        ordering.addElement(DERObjectIdentifier.getInstance(s.getObjectAt(0)));

        DEREncodable value = s.getObjectAt(1);
        if (value instanceof DERString) {
          values.addElement(((DERString) value).getString());
        } else {
          values.addElement("#" + bytesToString(Hex.encode(value.getDERObject().getDEREncoded())));
        }
        added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility
      }
    }
  }
Пример #3
0
  @Override
  public void fromAsn1(ASN1Encodable required, ASN1Encodable optional)
      throws IOException, EIDException {

    ASN1Sequence params = (ASN1Sequence) required;
    int version = ASN1Helper.getCheckedInt((ASN1Integer) params.getObjectAt(0));
    // if( doLog ) log.debug( "read version: " + version );

    int keyId = ASN1Helper.getCheckedInt((ASN1Integer) params.getObjectAt(1));
    // if( doLog ) log.debug( "read keyId: " + keyId );

    boolean authorizedOnly = ((ASN1Boolean) params.getObjectAt(2)).isTrue();
    // if( doLog ) log.debug( "read authorizedOnly: " + authorizedOnly );

    if (1 != version) throw new EIDException("version must be 1");

    this.version = version;
    this.keyId = keyId;
    this.authorizedOnly = authorizedOnly;

    if (null != optional) {
      maxKeyLen = ASN1Helper.getCheckedInt((ASN1Integer) optional);
      // if( doLog ) log.debug( "read maxKeyLen: " + maxKeyLen );
    }
  }
Пример #4
0
 public EncryptedContentInfo(ASN1Sequence seq) {
   contentType = (DERObjectIdentifier) seq.getObjectAt(0);
   contentEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
   if (seq.size() > 2) {
     encryptedContent = ASN1OctetString.getInstance((ASN1TaggedObject) seq.getObjectAt(2), false);
   }
 }
Пример #5
0
  /**
   * EncryptedContentInfo ::= SEQUENCE { contentType ContentType, contentEncryptionAlgorithm
   * ContentEncryptionAlgorithmIdentifier, encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }
   *
   * <p>EncryptedContent ::= OCTET STRING
   */
  public static EncContent fromASN1(ASN1Encodable content) {
    ASN1Sequence sequence = (ASN1Sequence) content;
    ASN1ObjectIdentifier contentType = (ASN1ObjectIdentifier) (sequence.getObjectAt(0));
    int nid = ASN1Registry.obj2nid(contentType);

    EncContent ec = new EncContent();
    ec.setContentType(nid);
    ec.setAlgorithm(AlgorithmIdentifier.getInstance(sequence.getObjectAt(1)));
    if (sequence.size() > 2
        && sequence.getObjectAt(2) instanceof ASN1TaggedObject
        && ((ASN1TaggedObject) (sequence.getObjectAt(2))).getTagNo() == 0) {
      ASN1Encodable ee = ((ASN1TaggedObject) (sequence.getObjectAt(2))).getObject();
      if (ee instanceof ASN1Sequence && ((ASN1Sequence) ee).size() > 0) {
        ByteList combinedOctets = new ByteList();
        Enumeration enm = ((ASN1Sequence) ee).getObjects();
        while (enm.hasMoreElements()) {
          byte[] octets = ((ASN1OctetString) enm.nextElement()).getOctets();
          combinedOctets.append(octets);
        }
        ec.setEncData(new DEROctetString(combinedOctets.bytes()));
      } else {
        ec.setEncData((ASN1OctetString) ee);
      }
    }
    return ec;
  }
Пример #6
0
  public CVCertificate(byte[] in) throws IllegalArgumentException, IOException {
    ASN1StreamParser asn1Parser = new ASN1StreamParser(in);

    DERApplicationSpecific cvcert = (DERApplicationSpecific) asn1Parser.readObject();
    if (cvcert.getApplicationTag() != 0x21)
      throw new IllegalArgumentException("Can't find a CV Certificate");

    ASN1Sequence derCert =
        (ASN1Sequence) cvcert.getObject(BERTags.SEQUENCE); // Das CV Cerificate ist eine Sequence

    DERApplicationSpecific body =
        (DERApplicationSpecific)
            derCert.getObjectAt(0); // Das erste Objekt des Certificates ist der Cert-Body
    if (body.getApplicationTag() != 0x4E)
      throw new IllegalArgumentException("Can't find a Body in the CV Certificate");

    certBody = new CVCertBody(body);

    DERApplicationSpecific signature =
        (DERApplicationSpecific)
            derCert.getObjectAt(1); // Das zweite Objekt des Certificates ist die Signatur
    if (signature.getApplicationTag() != 0x37)
      throw new IllegalArgumentException("Can't find a Signature in the CV Certificate");

    certSignature = new CVCertSignature(signature.getContents());
  }
Пример #7
0
 public static LogotypeReference getInstance(ASN1Sequence seq) {
   ASN1Sequence refStructHashSeq = null;
   ASN1Sequence refStructURISeq = null;
   if (seq.size() != 2) {
     throw new IllegalArgumentException("size of sequence must be 2 not " + seq.size());
   }
   refStructHashSeq = ASN1Sequence.getInstance(seq.getObjectAt(0));
   refStructURISeq = ASN1Sequence.getInstance(seq.getObjectAt(1));
   DigestInfo[] refStructHash = null;
   DERIA5String[] refStructURI = null;
   {
     Vector<DigestInfo> v = new Vector<DigestInfo>();
     for (int i = 0; i < refStructHashSeq.size(); i++) {
       DigestInfo di = DigestInfo.getInstance(refStructHashSeq.getObjectAt(i));
       v.add(di);
     }
     refStructHash = v.toArray(new DigestInfo[refStructHashSeq.size()]);
   }
   {
     Vector<DERIA5String> v = new Vector<DERIA5String>();
     for (int i = 0; i < refStructURISeq.size(); i++) {
       DERIA5String di = DERIA5String.getInstance(refStructURISeq.getObjectAt(i));
       v.add(di);
     }
     refStructHash = v.toArray(new DigestInfo[refStructURISeq.size()]);
   }
   return new LogotypeReference(refStructHash, refStructURI);
 }
Пример #8
0
  private SinglePubInfo(ASN1Sequence seq) {
    pubMethod = ASN1Integer.getInstance(seq.getObjectAt(0));

    if (seq.size() == 2) {
      pubLocation = GeneralName.getInstance(seq.getObjectAt(1));
    }
  }
Пример #9
0
  /**
   * decrypt the content and return an input stream.
   *
   * @deprecated use getContentStream(Recipient)
   */
  public CMSTypedStream getContentStream(Key key, Provider prov) throws CMSException {
    try {
      CMSEnvelopedHelper helper = CMSEnvelopedHelper.INSTANCE;
      AlgorithmIdentifier kekAlg =
          AlgorithmIdentifier.getInstance(info.getKeyEncryptionAlgorithm());
      ASN1Sequence kekAlgParams = (ASN1Sequence) kekAlg.getParameters();
      String kekAlgName = DERObjectIdentifier.getInstance(kekAlgParams.getObjectAt(0)).getId();
      String wrapAlgName = helper.getRFC3211WrapperName(kekAlgName);

      Cipher keyCipher = helper.createSymmetricCipher(wrapAlgName, prov);
      IvParameterSpec ivSpec =
          new IvParameterSpec(ASN1OctetString.getInstance(kekAlgParams.getObjectAt(1)).getOctets());
      keyCipher.init(
          Cipher.UNWRAP_MODE,
          new SecretKeySpec(((CMSPBEKey) key).getEncoded(kekAlgName), kekAlgName),
          ivSpec);

      Key sKey =
          keyCipher.unwrap(
              info.getEncryptedKey().getOctets(), getContentAlgorithmName(), Cipher.SECRET_KEY);

      return getContentFromSessionKey(sKey, prov);
    } catch (NoSuchAlgorithmException e) {
      throw new CMSException("can't find algorithm.", e);
    } catch (InvalidKeyException e) {
      throw new CMSException("key invalid in message.", e);
    } catch (NoSuchPaddingException e) {
      throw new CMSException("required padding not supported.", e);
    } catch (InvalidAlgorithmParameterException e) {
      throw new CMSException("invalid iv.", e);
    }
  }
Пример #10
0
  public GeneralSubtree(ASN1Sequence seq) {
    base = GeneralName.getInstance(seq.getObjectAt(0));

    switch (seq.size()) {
      case 1:
        break;
      case 2:
        ASN1TaggedObject o = ASN1TaggedObject.getInstance(seq.getObjectAt(1));
        switch (o.getTagNo()) {
          case 0:
            minimum = DERInteger.getInstance(o, false);
            break;
          case 1:
            maximum = DERInteger.getInstance(o, false);
            break;
          default:
            throw new IllegalArgumentException("Bad tag number: " + o.getTagNo());
        }
        break;
      case 3:
        minimum = DERInteger.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(1)));
        maximum = DERInteger.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(2)));
        break;
      default:
        throw new IllegalArgumentException("Bad sequence size: " + seq.size());
    }
  }
Пример #11
0
  public PaceInfo(ASN1Sequence seq) {
    protocol = (ASN1ObjectIdentifier) seq.getObjectAt(0);
    version = (ASN1Integer) seq.getObjectAt(1);

    if (seq.size() > 2) {
      parameterId = (ASN1Integer) seq.getObjectAt(2);
    }
  }
Пример #12
0
  @Override
  public void parse(ASN1Primitive derObject) {
    ASN1Sequence derSequence = ASN1Object.getDERSequence(derObject);

    this.endCertRevReq = new RevReq();
    this.endCertRevReq.parse(derSequence.getObjectAt(0).toASN1Primitive());

    this.caCerts = new RevReq();
    this.caCerts.parse(derSequence.getObjectAt(1).toASN1Primitive());
  }
Пример #13
0
  /**
   * Converts, if possible, a key specification into a {@link BCMcElieceCCA2PrivateKey}. Currently,
   * the following key specifications are supported: {@link McElieceCCA2PrivateKeySpec}, {@link
   * PKCS8EncodedKeySpec}.
   *
   * @param keySpec the key specification
   * @return the McEliece CCA2 private key
   * @throws InvalidKeySpecException if the KeySpec is not supported.
   */
  public PrivateKey generatePrivate(KeySpec keySpec) throws InvalidKeySpecException {
    if (keySpec instanceof McElieceCCA2PrivateKeySpec) {
      return new BCMcElieceCCA2PrivateKey((McElieceCCA2PrivateKeySpec) keySpec);
    } else if (keySpec instanceof PKCS8EncodedKeySpec) {
      // get the DER-encoded Key according to PKCS#8 from the spec
      byte[] encKey = ((PKCS8EncodedKeySpec) keySpec).getEncoded();

      // decode the PKCS#8 data structure to the pki object
      PrivateKeyInfo pki;

      try {
        pki = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
      } catch (IOException e) {
        throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec: " + e);
      }

      try {
        // get the inner type inside the BIT STRING
        ASN1Primitive innerType = pki.parsePrivateKey().toASN1Primitive();

        // build and return the actual key
        ASN1Sequence privKey = (ASN1Sequence) innerType;

        // decode oidString (but we don't need it right now)
        String oidString = ((ASN1ObjectIdentifier) privKey.getObjectAt(0)).toString();

        // decode <n>
        BigInteger bigN = ((ASN1Integer) privKey.getObjectAt(1)).getValue();
        int n = bigN.intValue();

        // decode <k>
        BigInteger bigK = ((ASN1Integer) privKey.getObjectAt(2)).getValue();
        int k = bigK.intValue();

        // decode <fieldPoly>
        byte[] encFieldPoly = ((ASN1OctetString) privKey.getObjectAt(3)).getOctets();
        // decode <goppaPoly>
        byte[] encGoppaPoly = ((ASN1OctetString) privKey.getObjectAt(4)).getOctets();
        // decode <p>
        byte[] encP = ((ASN1OctetString) privKey.getObjectAt(5)).getOctets();
        // decode <h>
        byte[] encH = ((ASN1OctetString) privKey.getObjectAt(6)).getOctets();
        // decode <qInv>
        ASN1Sequence qSeq = (ASN1Sequence) privKey.getObjectAt(7);
        byte[][] encQInv = new byte[qSeq.size()][];
        for (int i = 0; i < qSeq.size(); i++) {
          encQInv[i] = ((ASN1OctetString) qSeq.getObjectAt(i)).getOctets();
        }

        return new BCMcElieceCCA2PrivateKey(
            new McElieceCCA2PrivateKeySpec(
                OID, n, k, encFieldPoly, encGoppaPoly, encP, encH, encQInv));

      } catch (IOException cce) {
        throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec.");
      }
    }

    throw new InvalidKeySpecException("Unsupported key specification: " + keySpec.getClass() + ".");
  }
Пример #14
0
 /**
  * Produces the r,s integer pair of a DSA signature from a DER-encoded byte representation.
  *
  * @param in DER-encoded concatenation of byte representation of r and s.
  * @return DSA signature output parameters (r,s).
  * @throws CryptException On cryptographic errors.
  */
 protected BigInteger[] decode(final byte[] in) throws CryptException {
   ASN1Sequence s;
   try {
     s = (ASN1Sequence) new ASN1InputStream(in).readObject();
   } catch (IOException e) {
     throw new CryptException("Error decoding DSA signature.", e);
   }
   return new BigInteger[] {
     ((DERInteger) s.getObjectAt(0)).getValue(), ((DERInteger) s.getObjectAt(1)).getValue(),
   };
 }
Пример #15
0
  public PBES2Parameters(ASN1Sequence obj) {
    Enumeration e = obj.getObjects();
    ASN1Sequence funcSeq =
        ASN1Sequence.getInstance(((DEREncodable) e.nextElement()).getDERObject());

    if (funcSeq.getObjectAt(0).equals(id_PBKDF2)) {
      func = new KeyDerivationFunc(id_PBKDF2, PBKDF2Params.getInstance(funcSeq.getObjectAt(1)));
    } else {
      func = new KeyDerivationFunc(funcSeq);
    }

    scheme = (EncryptionScheme) EncryptionScheme.getInstance(e.nextElement());
  }
Пример #16
0
 /**
  * Creates a new <code>UserNotice</code> instance.
  *
  * <p>Useful from reconstructing a <code>UserNotice</code> instance from its encodable/encoded
  * form.
  *
  * @param as an <code>ASN1Sequence</code> value obtained from either calling @{link
  *     toASN1Object()} for a <code>UserNotice</code> instance or from parsing it from a
  *     DER-encoded stream.
  */
 public UserNotice(ASN1Sequence as) {
   if (as.size() == 2) {
     noticeRef = NoticeReference.getInstance(as.getObjectAt(0));
     explicitText = DisplayText.getInstance(as.getObjectAt(1));
   } else if (as.size() == 1) {
     if (as.getObjectAt(0).getDERObject() instanceof ASN1Sequence) {
       noticeRef = NoticeReference.getInstance(as.getObjectAt(0));
     } else {
       explicitText = DisplayText.getInstance(as.getObjectAt(0));
     }
   } else {
     throw new IllegalArgumentException("Bad sequence size: " + as.size());
   }
 }
Пример #17
0
  public X9Curve(X9FieldID fieldID, ASN1Sequence seq) {
    if (fieldID.getIdentifier().equals(prime_field)) {
      BigInteger q = ((DERInteger) fieldID.getParameters()).getValue();
      X9FieldElement x9A = new X9FieldElement(true, q, (ASN1OctetString) seq.getObjectAt(0));
      X9FieldElement x9B = new X9FieldElement(true, q, (ASN1OctetString) seq.getObjectAt(1));
      curve = new ECCurve.Fp(q, x9A.getValue().toBigInteger(), x9B.getValue().toBigInteger());
    } else {
      throw new RuntimeException("not implemented");
    }

    if (seq.size() == 3) {
      seed = ((DERBitString) seq.getObjectAt(2)).getBytes();
    }
  }
Пример #18
0
  private ECCCMSSharedInfo(ASN1Sequence seq) {
    this.keyInfo = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));

    if (seq.size() == 2) {
      this.entityUInfo = null;
      this.suppPubInfo =
          ASN1OctetString.getInstance((ASN1TaggedObject) seq.getObjectAt(1), true).getOctets();
    } else {
      this.entityUInfo =
          ASN1OctetString.getInstance((ASN1TaggedObject) seq.getObjectAt(1), true).getOctets();
      this.suppPubInfo =
          ASN1OctetString.getInstance((ASN1TaggedObject) seq.getObjectAt(2), true).getOctets();
    }
  }
Пример #19
0
  private CscaMasterList(ASN1Sequence seq) {
    if (seq == null || seq.size() == 0) {
      throw new IllegalArgumentException("null or empty sequence passed.");
    }
    if (seq.size() != 2) {
      throw new IllegalArgumentException("Incorrect sequence size: " + seq.size());
    }

    version = DERInteger.getInstance(seq.getObjectAt(0));
    ASN1Set certSet = ASN1Set.getInstance(seq.getObjectAt(1));
    certList = new X509CertificateStructure[certSet.size()];
    for (int i = 0; i < certList.length; i++) {
      certList[i] = X509CertificateStructure.getInstance(certSet.getObjectAt(i));
    }
  }
Пример #20
0
  private CRL readDERCRL(ASN1InputStream aIn) throws IOException, CRLException {
    ASN1Sequence seq = (ASN1Sequence) aIn.readObject();

    if (seq.size() > 1 && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier) {
      if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) {
        sCrlData =
            SignedData.getInstance(
                    ASN1Sequence.getInstance((ASN1TaggedObject) seq.getObjectAt(1), true))
                .getCRLs();

        return getCRL();
      }
    }

    return createCRL(CertificateList.getInstance(seq));
  }
Пример #21
0
  /**
   * Returns certificate type of the given TBS certificate. <br>
   * The certificate type is {@link org.globus.gsi.GSIGSIConstants.CertificateType#CA
   * CertificateType.CA} <B>only</B> if the certificate contains a BasicConstraints extension and it
   * is marked as CA.<br>
   * A certificate is a GSI-2 proxy when the subject DN of the certificate ends with
   * <I>"CN=proxy"</I> (certificate type {@link
   * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_2_PROXY CertificateType.GSI_2_PROXY}) or
   * <I>"CN=limited proxy"</I> (certificate type {@link
   * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_2_LIMITED_PROXY
   * CertificateType.LIMITED_PROXY}) component and the issuer DN of the certificate matches the
   * subject DN without the last proxy <I>CN</I> component.<br>
   * A certificate is a GSI-3 proxy when the subject DN of the certificate ends with a <I>CN</I>
   * component, the issuer DN of the certificate matches the subject DN without the last <I>CN</I>
   * component and the certificate contains {@link org.globus.security.proxyExtension.ProxyCertInfo
   * ProxyCertInfo} critical extension. The certificate type is {@link
   * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_3_IMPERSONATION_PROXY
   * CertificateType.GSI_3_IMPERSONATION_PROXY} if the policy language of the {@link
   * org.globus.security.proxyExtension.ProxyCertInfo ProxyCertInfo} extension is set to {@link
   * org.globus.security.proxyExtension.ProxyPolicy#IMPERSONATION ProxyPolicy.IMPERSONATION} OID.
   * The certificate type is {@link
   * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_3_LIMITED_PROXY
   * CertificateType.GSI_3_LIMITED_PROXY} if the policy language of the {@link
   * org.globus.security.proxyExtension.ProxyCertInfo ProxyCertInfo} extension is set to {@link
   * org.globus.security.proxyExtension.ProxyPolicy#LIMITED ProxyPolicy.LIMITED} OID. The
   * certificate type is {@link
   * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_3_INDEPENDENT_PROXY
   * CertificateType.GSI_3_INDEPENDENT_PROXY} if the policy language of the {@link
   * org.globus.security.proxyExtension.ProxyCertInfo ProxyCertInfo} extension is set to {@link
   * org.globus.security.proxyExtension.ProxyPolicy#INDEPENDENT ProxyPolicy.INDEPENDENT} OID. The
   * certificate type is {@link
   * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_3_RESTRICTED_PROXY
   * CertificateType.GSI_3_RESTRICTED_PROXY} if the policy language of the {@link
   * org.globus.security.proxyExtension.ProxyCertInfo ProxyCertInfo} extension is set to any other
   * OID then the above.<br>
   * The certificate type is {@link org.globus.gsi.GSIGSIConstants.CertificateType#EEC
   * CertificateType.EEC} if the certificate is not a CA certificate or a GSI-2 or GSI-3 proxy.
   *
   * @param crt the TBS certificate to get the type of.
   * @return the certificate type. The certificate type is determined by rules described above.
   * @throws java.io.IOException if something goes wrong.
   * @throws java.security.cert.CertificateException for proxy certificates, if the issuer DN of the
   *     certificate does not match the subject DN of the certificate without the last <I>CN</I>
   *     component. Also, for GSI-3 proxies when the <code>ProxyCertInfo</code> extension is not
   *     marked as critical.
   */
  public static GSIConstants.CertificateType getCertificateType(TBSCertificateStructure crt)
      throws CertificateException, IOException {

    X509Extensions extensions = crt.getExtensions();
    X509Extension ext = null;

    if (extensions != null) {
      ext = extensions.getExtension(X509Extensions.BasicConstraints);
      if (ext != null) {
        BasicConstraints basicExt = getBasicConstraints(ext);
        if (basicExt.isCA()) {
          return GSIConstants.CertificateType.CA;
        }
      }
    }

    GSIConstants.CertificateType type = GSIConstants.CertificateType.EEC;

    // does not handle multiple AVAs
    X509Name subject = crt.getSubject();

    ASN1Set entry = X509NameHelper.getLastNameEntry(subject);
    ASN1Sequence ava = (ASN1Sequence) entry.getObjectAt(0);
    if (X509Name.CN.equals(ava.getObjectAt(0))) {
      type = processCN(extensions, type, ava);
    }

    return type;
  }
Пример #22
0
 public IDEACBCPar(ASN1Sequence seq) {
   if (seq.size() == 1) {
     iv = (ASN1OctetString) seq.getObjectAt(0);
   } else {
     iv = null;
   }
 }
Пример #23
0
  private static boolean withinDNSubtree(ASN1Sequence dns, ASN1Sequence subtree) {
    if (subtree.size() < 1) {
      return false;
    }

    if (subtree.size() > dns.size()) {
      return false;
    }

    for (int j = subtree.size() - 1; j >= 0; j--) {
      if (!subtree.getObjectAt(j).equals(dns.getObjectAt(j))) {
        return false;
      }
    }

    return true;
  }
Пример #24
0
  private java.security.cert.Certificate readDERCertificate(ASN1InputStream dIn)
      throws IOException, CertificateParsingException {
    ASN1Sequence seq = (ASN1Sequence) dIn.readObject();

    if (seq.size() > 1 && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier) {
      if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData)) {
        sData =
            SignedData.getInstance(
                    ASN1Sequence.getInstance((ASN1TaggedObject) seq.getObjectAt(1), true))
                .getCertificates();

        return getCertificate();
      }
    }

    return new X509CertificateObject(Certificate.getInstance(seq));
  }
Пример #25
0
  private ResponseData(ASN1Sequence seq) {
    int index = 0;

    if (seq.getObjectAt(0) instanceof ASN1TaggedObject) {
      ASN1TaggedObject o = (ASN1TaggedObject) seq.getObjectAt(0);

      if (o.getTagNo() == 0) {
        this.versionPresent = true;
        this.version = ASN1Integer.getInstance((ASN1TaggedObject) seq.getObjectAt(0), true);
        index++;
      } else {
        this.version = V1;
      }
    } else {
      this.version = V1;
    }

    this.responderID = ResponderID.getInstance(seq.getObjectAt(index++));
    this.producedAt = (DERGeneralizedTime) seq.getObjectAt(index++);
    this.responses = (ASN1Sequence) seq.getObjectAt(index++);

    if (seq.size() > index) {
      this.responseExtensions =
          Extensions.getInstance((ASN1TaggedObject) seq.getObjectAt(index), true);
    }
  }
Пример #26
0
  @DSGenerator(
      tool_name = "Doppelganger",
      tool_version = "2.0",
      generated_on = "2013-12-30 13:00:22.496 -0500",
      hash_original_method = "6A7E42DF8EF9B09B844C872DFCA023C7",
      hash_generated_method = "21B5E94B1503EB3B81CAD22E6A3D29F8")
  public IssuerSerial(ASN1Sequence seq) {
    if (seq.size() != 2 && seq.size() != 3) {
      throw new IllegalArgumentException("Bad sequence size: " + seq.size());
    }

    issuer = GeneralNames.getInstance(seq.getObjectAt(0));
    serial = DERInteger.getInstance(seq.getObjectAt(1));

    if (seq.size() == 3) {
      issuerUID = DERBitString.getInstance(seq.getObjectAt(2));
    }
  }
Пример #27
0
    public BigInteger[] decode(byte[] encoding) throws IOException {
      ASN1Sequence s = (ASN1Sequence) ASN1Primitive.fromByteArray(encoding);
      BigInteger[] sig = new BigInteger[2];

      sig[0] = ((DERInteger) s.getObjectAt(0)).getValue();
      sig[1] = ((DERInteger) s.getObjectAt(1)).getValue();

      return sig;
    }
Пример #28
0
  private PKIStatusInfo(ASN1Sequence seq) {
    this.status = ASN1Integer.getInstance(seq.getObjectAt(0));

    this.statusString = null;
    this.failInfo = null;

    if (seq.size() > 2) {
      this.statusString = PKIFreeText.getInstance(seq.getObjectAt(1));
      this.failInfo = DERBitString.getInstance(seq.getObjectAt(2));
    } else if (seq.size() > 1) {
      Object obj = seq.getObjectAt(1);
      if (obj instanceof DERBitString) {
        this.failInfo = DERBitString.getInstance(obj);
      } else {
        this.statusString = PKIFreeText.getInstance(obj);
      }
    }
  }
Пример #29
0
  /**
   * Converts, if possible, a key specification into a {@link BCMcElieceCCA2PublicKey}. Currently,
   * the following key specifications are supported: {@link McElieceCCA2PublicKeySpec}, {@link
   * X509EncodedKeySpec}.
   *
   * @param keySpec the key specification
   * @return the McEliece CCA2 public key
   * @throws InvalidKeySpecException if the key specification is not supported.
   */
  public PublicKey generatePublic(KeySpec keySpec) throws InvalidKeySpecException {
    if (keySpec instanceof McElieceCCA2PublicKeySpec) {
      return new BCMcElieceCCA2PublicKey((McElieceCCA2PublicKeySpec) keySpec);
    } else if (keySpec instanceof X509EncodedKeySpec) {
      // get the DER-encoded Key according to X.509 from the spec
      byte[] encKey = ((X509EncodedKeySpec) keySpec).getEncoded();

      // decode the SubjectPublicKeyInfo data structure to the pki object
      SubjectPublicKeyInfo pki;
      try {
        pki = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
      } catch (IOException e) {
        throw new InvalidKeySpecException(e.toString());
      }

      try {
        // --- Build and return the actual key.
        ASN1Primitive innerType = pki.parsePublicKey();
        ASN1Sequence publicKey = (ASN1Sequence) innerType;

        // decode oidString (but we don't need it right now)
        String oidString = ((ASN1ObjectIdentifier) publicKey.getObjectAt(0)).toString();

        // decode <n>
        BigInteger bigN = ((ASN1Integer) publicKey.getObjectAt(1)).getValue();
        int n = bigN.intValue();

        // decode <t>
        BigInteger bigT = ((ASN1Integer) publicKey.getObjectAt(2)).getValue();
        int t = bigT.intValue();

        // decode <matrixG>
        byte[] matrixG = ((ASN1OctetString) publicKey.getObjectAt(3)).getOctets();

        return new BCMcElieceCCA2PublicKey(new McElieceCCA2PublicKeySpec(OID, n, t, matrixG));
      } catch (IOException cce) {
        throw new InvalidKeySpecException(
            "Unable to decode X509EncodedKeySpec: " + cce.getMessage());
      }
    }

    throw new InvalidKeySpecException("Unsupported key specification: " + keySpec.getClass() + ".");
  }
Пример #30
0
  /**
   * Return the attributes, if any associated with this request.
   *
   * @return an array of Attribute, zero length if none present.
   */
  public Attribute[] getAttributes() {
    ASN1Sequence seq = attrCert.getAcinfo().getAttributes();
    Attribute[] attrs = new Attribute[seq.size()];

    for (int i = 0; i != seq.size(); i++) {
      attrs[i] = Attribute.getInstance(seq.getObjectAt(i));
    }

    return attrs;
  }