/**
* Returns the SubjectKeyIdentifier extension value on String format.<br>
* Otherwise, returns <b>null</b>.<br>
*
* @return String
*/
public String getSubjectKeyIdentifier() throws IOException {
// TODO - Precisa validar este metodo com a RFC
DEROctetString oct =
(DEROctetString) getExtensionValue(X509Extensions.SubjectKeyIdentifier.getId());
if (oct == null) {
return null;
}
return toString(oct.getOctets());
}
public void testKEKDESede() throws Exception {
tryKekAlgorithm(
CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
DEROctetString iv = new DEROctetString(Hex.decode("0001020304050607"));
tryKekAlgorithm(
CMSTestUtil.makeDesede192Key(),
new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"),
iv.getEncoded());
}
/**
* Returns the AuthorityKeyIdentifier extension value on String format.<br>
* Otherwise, returns <b>null</b>.<br>
*
* @return String
* @throws IOException
*/
public String getAuthorityKeyIdentifier() throws IOException {
// TODO - Precisa validar este metodo com a RFC
DERSequence seq =
(DERSequence) getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (seq == null || seq.size() == 0) {
return null;
}
DERTaggedObject tag = (DERTaggedObject) seq.getObjectAt(0);
DEROctetString oct = (DEROctetString) DEROctetString.getInstance(tag);
return toString(oct.getOctets());
}
public void fromByteArray(byte[] encodedData) {
ASN1InputStream asn1in = new ASN1InputStream(encodedData);
try {
to = (DERTaggedObject) asn1in.readObject();
asn1in.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
DEROctetString ocs = (DEROctetString) to.getObject();
data = ocs.getOctets();
}
private byte[] getAuthorityKeyId(X509Certificate cert) throws IOException {
byte[] extvalue = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (extvalue == null) {
return null;
}
DEROctetString oct =
(DEROctetString) (new ASN1InputStream(new ByteArrayInputStream(extvalue)).readObject());
AuthorityKeyIdentifier keyId =
new AuthorityKeyIdentifier(
(ASN1Sequence)
new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())).readObject());
return keyId.getKeyIdentifier();
}
/**
* Returns the DERObject for the informed OID<br>
* atraves do OID.<br>
*
* @param oid
* @return DERObject
* @see DERObject
*/
@SuppressWarnings("resource")
public ASN1Object getExtensionValue(String oid) {
byte[] extvalue = certificate.getExtensionValue(oid);
if (extvalue == null) {
return null;
}
try {
DEROctetString oct = (DEROctetString) (new ASN1InputStream(extvalue).readObject());
return (new ASN1InputStream(oct.getOctets()).readObject());
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
public SignerInfo(ASN1Sequence seq) {
Enumeration e = seq.getObjects();
version = (DERInteger) e.nextElement();
issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(e.nextElement());
digAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
Object obj = e.nextElement();
if (obj instanceof ASN1TaggedObject) {
authenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject) obj, false);
digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
} else {
authenticatedAttributes = null;
digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(obj);
}
encryptedDigest = DEROctetString.getInstance(e.nextElement());
if (e.hasMoreElements()) {
unauthenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject) e.nextElement(), false);
} else {
unauthenticatedAttributes = null;
}
}
/**
* This method returns the {@code ASN1Sequence} encapsulated in {@code DEROctetString}. The {@code
* DEROctetString} is represented as {@code byte} array.
*
* @param bytes {@code byte} representation of {@code DEROctetString}
* @return encapsulated {@code ASN1Sequence}
* @throws DSSException in case of a decoding problem
*/
public static ASN1Sequence getAsn1SequenceFromDerOctetString(byte[] bytes) throws DSSException {
ASN1InputStream input = null;
try {
input = new ASN1InputStream(bytes);
final DEROctetString s = (DEROctetString) input.readObject();
final byte[] content = s.getOctets();
input.close();
input = new ASN1InputStream(content);
final ASN1Sequence seq = (ASN1Sequence) input.readObject();
return seq;
} catch (IOException e) {
throw new DSSException("Error when converting byte array to ASN1Sequence!", e);
} finally {
DSSUtils.closeQuietly(input);
}
}
BCGOST3410PublicKey(SubjectPublicKeyInfo info) {
GOST3410PublicKeyAlgParameters params =
new GOST3410PublicKeyAlgParameters((ASN1Sequence) info.getAlgorithmId().getParameters());
DEROctetString derY;
try {
derY = (DEROctetString) info.parsePublicKey();
byte[] keyEnc = derY.getOctets();
byte[] keyBytes = new byte[keyEnc.length];
for (int i = 0; i != keyEnc.length; i++) {
keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // was little endian
}
this.y = new BigInteger(1, keyBytes);
} catch (IOException e) {
throw new IllegalArgumentException("invalid info structure in GOST3410 public key");
}
this.gost3410Spec = GOST3410ParameterSpec.fromPublicKeyAlg(params);
}
@Override
protected Object doExecute() throws Exception {
Set<String> caNames = caClient.getCaNames();
if (isEmpty(caNames)) {
throw new IllegalCmdParamException("no CA is configured");
}
if (caName != null && !caNames.contains(caName)) {
throw new IllegalCmdParamException(
"CA " + caName + " is not within the configured CAs " + caNames);
}
if (caName == null) {
if (caNames.size() == 1) {
caName = caNames.iterator().next();
} else {
throw new IllegalCmdParamException(
"no caname is specified, one of " + caNames + " is required");
}
}
X509CRL crl = null;
try {
crl = retrieveCRL(caName);
} catch (PKIErrorException e) {
throw new CmdFailure("received no CRL from server: " + e.getMessage());
}
if (crl == null) {
throw new CmdFailure("received no CRL from server");
}
saveVerbose("saved CRL to file", new File(outFile), crl.getEncoded());
if (withBaseCRL.booleanValue()) {
byte[] octetString = crl.getExtensionValue(Extension.deltaCRLIndicator.getId());
if (octetString != null) {
if (baseCRLOut == null) {
baseCRLOut = outFile + "-baseCRL";
}
byte[] extnValue = DEROctetString.getInstance(octetString).getOctets();
BigInteger baseCrlNumber = ASN1Integer.getInstance(extnValue).getPositiveValue();
RequestResponseDebug debug = getRequestResponseDebug();
try {
crl = caClient.downloadCRL(caName, baseCrlNumber, debug);
} catch (PKIErrorException e) {
throw new CmdFailure("received no baseCRL from server: " + e.getMessage());
} finally {
saveRequestResponse(debug);
}
if (crl == null) {
throw new CmdFailure("received no baseCRL from server");
} else {
saveVerbose("saved baseCRL to file", new File(baseCRLOut), crl.getEncoded());
}
}
}
return null;
} // method doExecute
/**
* This method checks if a given {@code DEROctetString} is null.
*
* @param derOctetString
* @return
*/
public static boolean isDEROctetStringNull(final DEROctetString derOctetString) {
final byte[] derOctetStringBytes = derOctetString.getOctets();
final ASN1Primitive asn1Null = DSSASN1Utils.toASN1Primitive(derOctetStringBytes);
return DERNull.INSTANCE.equals(asn1Null);
}