List of usage examples for org.bouncycastle.asn1 ASN1ObjectIdentifier getInstance
public static ASN1ObjectIdentifier getInstance(ASN1TaggedObject obj, boolean explicit)
From source file:ca.trustpoint.m2m.M2mCertificateFactory.java
License:Apache License
/** * Parses the given ASN.1 sequence and return the corresponding {@link M2mCertificate * M2MCertificate} object./* w w w .j a va 2 s .c o m*/ * * @param seq ASN.1 sequence containing TBS data. * @param cert A M2MCertificate object. * @throw InvalidKeyException if public key is invalid. * @throw IOException if parsing error. * @throw URISyntaxException if URI field is invalid. */ private void parseTbsCertificate(ASN1Sequence seq, M2mCertificate cert) throws InvalidKeyException, IOException, URISyntaxException { if (seq.size() < 2) { throw new IOException("no enough data for TBS certificate in sequence"); } // Set tbsCertificate for (int i = 0; i < seq.size(); i++) { ASN1TaggedObject obj = (ASN1TaggedObject) seq.getObjectAt(i); TbsCertificateFields tag = TbsCertificateFields.getInstance(obj.getTagNo()); switch (tag) { case SERIAL_NUMBER: ASN1OctetString serialNumber = ASN1OctetString.getInstance(obj, false); cert.setSerialNumber(serialNumber.getOctets()); break; case CA_ALGORITHM: ASN1ObjectIdentifier cAAlgorithm = ASN1ObjectIdentifier.getInstance(obj, false); if (cert.getCaKeyDefinition() == null) { cert.setCaKeyDefinition(new KeyAlgorithmDefinition()); } cert.getCaKeyDefinition().setAlgorithm(parseKeyAlgorithmDefinitionAlgorithm(cAAlgorithm)); break; case CA_ALGORITHM_PARAMETERS: ASN1OctetString cAAlgParams = ASN1OctetString.getInstance(obj, false); if (cert.getCaKeyDefinition() == null) { cert.setCaKeyDefinition(new KeyAlgorithmDefinition()); } cert.getCaKeyDefinition().setParameters(cAAlgParams.getOctets()); break; case ISSUER: ASN1Sequence issuerSeq = ASN1Sequence.getInstance(obj, false); cert.setIssuer(parseEntityName(issuerSeq)); break; case VALID_FROM: ASN1OctetString validFrom = ASN1OctetString.getInstance(obj, false); BigInteger dateTimeBInt = new BigInteger(validFrom.getOctets()); // date in sequence is second, converts to millisecond for constructing Date long dateTime = dateTimeBInt.longValue() * 1000; cert.setValidFrom(new Date(dateTime)); break; case VALID_DURATION: ASN1OctetString validDuration = ASN1OctetString.getInstance(obj, false); BigInteger duration = new BigInteger(validDuration.getOctets()); cert.setValidDuration(new Integer(duration.intValue())); break; case SUBJECT: ASN1Sequence subjectSeq = ASN1Sequence.getInstance(obj, false); cert.setSubject(parseEntityName(subjectSeq)); break; case PUBLIC_KEY_ALGORITHM: ASN1ObjectIdentifier pKAlgorithm = ASN1ObjectIdentifier.getInstance(obj, false); if (cert.getPublicKeyDefinition() == null) { cert.setPublicKeyDefinition(new KeyAlgorithmDefinition()); } cert.getPublicKeyDefinition().setAlgorithm(parseKeyAlgorithmDefinitionAlgorithm(pKAlgorithm)); break; case PUBLIC_KEY_ALGORITHM_PARAMETERS: ASN1OctetString pKAlgParams = ASN1OctetString.getInstance(obj, false); if (cert.getPublicKeyDefinition() == null) { cert.setPublicKeyDefinition(new KeyAlgorithmDefinition()); } cert.getPublicKeyDefinition().setParameters(pKAlgParams.getOctets()); break; case PUBLIC_KEY: ASN1OctetString pubKey = ASN1OctetString.getInstance(obj, false); byte[] rawPublicKey = pubKey.getOctets(); cert.setIsPublicKeyCompressed(KeyConversionUtils.isCompressedEcPoint(rawPublicKey)); PublicKey publicKey = KeyConversionUtils.convertRawBytestoEcPublicKey(rawPublicKey); cert.setPublicKey(publicKey); break; case AUTHORITY_KEY_ID: ASN1Sequence authKeyIdSeq = ASN1Sequence.getInstance(obj, false); cert.setAuthorityKeyIdentifier(parseAuthorityKeyIdentifier(authKeyIdSeq)); break; case SUBJECT_KEY_ID: ASN1OctetString subjKeyId = ASN1OctetString.getInstance(obj, false); cert.setSubjectKeyIdentifier(subjKeyId.getOctets()); break; case KEY_USAGE: ASN1OctetString keyUsageObj = ASN1OctetString.getInstance(obj, false); KeyUsage keyUsage = new KeyUsage(keyUsageObj.getEncoded()); cert.setKeyUsage(keyUsage); break; case BASIC_CONSTRAINTS: ASN1Integer basicConstraints = ASN1Integer.getInstance(obj, false); cert.setBasicConstraints(basicConstraints.getValue().intValue()); break; case CERTIFICATE_POLICY: ASN1ObjectIdentifier certPolicy = ASN1ObjectIdentifier.getInstance(obj, false); cert.setCertificatePolicy(certPolicy.getId()); break; case SUBJECT_ALTERNATE_NAME: ASN1TaggedObject subjectAltNameObj = ASN1TaggedObject.getInstance(obj, true); cert.setSubjectAlternativeName(parseGeneralName(subjectAltNameObj)); break; case ISSUER_ALTERNATE_NAME: ASN1TaggedObject issuerAltNameObj = ASN1TaggedObject.getInstance(obj, true); cert.setIssuerAlternativeName(parseGeneralName(issuerAltNameObj)); break; case EXTENDED_KEY_USAGE: ASN1ObjectIdentifier extendedKeyUsage = ASN1ObjectIdentifier.getInstance(obj, false); cert.setExtendedKeyUsage(extendedKeyUsage.getId()); break; case AUTHENTICATION_INFO_ACCESS_OCSP: DERIA5String authInfoAccessOCSPObj = DERIA5String.getInstance(obj, false); URI authInfoAccessOCSP = new URI(authInfoAccessOCSPObj.getString()); cert.setAuthenticationInfoAccessOcsp(authInfoAccessOCSP); break; case CRL_DISTRIBUTION_POINT_URI: DERIA5String cRLDistribPointURIObj = DERIA5String.getInstance(obj, false); URI cRLDistribPointURI = new URI(cRLDistribPointURIObj.getString()); cert.setCrlDistributionPointUri(cRLDistribPointURI); break; case EXTENSIONS: ASN1Sequence x509extensionsSeq = ASN1Sequence.getInstance(obj, false); parseX509extensions(x509extensionsSeq, cert); break; default: throw new IOException("unknow TBS certificate field number: " + tag.getTagNumber()); } } }
From source file:ca.trustpoint.m2m.M2mCertificateFactory.java
License:Apache License
/** * Parses ASN.1 tagged object to construct an {@link EntityNameAttribute} object. * * @param obj ASN.1 tagged object for {@link EntityNameAttribute}. * @return An instance of {@link EntityNameAttribute} constructed from obj. * @throw IOException if parsing has error or unknown ID or no value. *///from www.j av a 2s.c o m private EntityNameAttribute parseEntityNameAttribute(ASN1TaggedObject obj) throws IOException { EntityNameAttributeId aid = EntityNameAttributeId.getInstance(obj.getTagNo()); String value = null; switch (aid) { case Country: case DistinguishedNameQualifier: case SerialNumber: value = DERPrintableString.getInstance(obj, false).getString(); break; case Organization: case OrganizationalUnit: case StateOrProvince: case Locality: case CommonName: value = DERUTF8String.getInstance(obj, false).getString(); break; case DomainComponent: value = DERIA5String.getInstance(obj, false).getString(); break; case RegisteredId: value = ASN1ObjectIdentifier.getInstance(obj, false).getId(); break; case OctetsName: byte[] octets = ASN1OctetString.getInstance(obj, false).getOctets(); value = Hex.toHexString(octets); break; default: throw new IOException("unknown entity name attribute id: " + aid.getIndexId()); } if (value == null) { throw new IOException("null entity name attribute value for id: " + aid.getIndexId()); } EntityNameAttribute attribute = new EntityNameAttribute(); attribute.setId(aid); attribute.setValue(value); if (!attribute.isValid()) { throw new IOException("invalid entity name attribute value for id: " + aid.getIndexId()); } return attribute; }
From source file:ca.trustpoint.m2m.M2mCertificateFactory.java
License:Apache License
/** * Parses ASN.1 tagged object to construct a {@link GeneralName} object. * * @param obj An ASN.1 tagged object./* w w w.j av a2 s .c o m*/ * @return An instance of {@link GeneralName} constructed from obj. * @throw IOException if parsing error or data invalid. */ private GeneralName parseGeneralName(ASN1TaggedObject obj) throws IOException { GeneralName name = new GeneralName(); GeneralNameAttributeId id = GeneralNameAttributeId.getInstance(obj.getTagNo()); switch (id) { case Rfc822Name: DERIA5String rfc822NameObj = DERIA5String.getInstance(obj, false); name.setAttributeId(GeneralNameAttributeId.Rfc822Name); name.setValue(rfc822NameObj.getString()); break; case DnsName: DERIA5String dNSNameObj = DERIA5String.getInstance(obj, false); name.setAttributeId(GeneralNameAttributeId.DnsName); name.setValue(dNSNameObj.getString()); break; case DirectoryName: ASN1Sequence directoryNameSeq = ASN1Sequence.getInstance(obj, false); name.setEntity(parseEntityName(directoryNameSeq)); break; case Uri: DERIA5String uriObj = DERIA5String.getInstance(obj, false); name.setAttributeId(GeneralNameAttributeId.Uri); name.setValue(uriObj.getString()); break; case IpAddress: ASN1OctetString iPAddressObj = ASN1OctetString.getInstance(obj, false); String iPAddress = InetAddress.getByAddress(iPAddressObj.getOctets()).getHostAddress(); name.setAttributeId(GeneralNameAttributeId.IpAddress); name.setValue(iPAddress); break; case RegisteredId: ASN1ObjectIdentifier registeredIDObj = ASN1ObjectIdentifier.getInstance(obj, false); name.setAttributeId(GeneralNameAttributeId.RegisteredId); name.setValue(registeredIDObj.getId()); break; default: throw new IOException("unknown GeneralName ID: " + id.getIndexId()); } if (!name.isValid()) { throw new IOException("invalid GeneralName instance parsed from ASN.1 tagged object"); } return name; }
From source file:ca.trustpoint.m2m.M2mCertificateFactory.java
License:Apache License
/** * Parses ASN.1 sequence to set up X.509 extentions of a {@link M2mCertificate} object. * * @param seq An ASN.1 sequence containing X.509 extentions. * @param cert A {@link M2mCertificate} object to be filled. * @throw IOException if parsing error or data invalid. *//*w w w.j a v a 2 s . c o m*/ private void parseX509extensions(ASN1Sequence seq, M2mCertificate cert) throws IOException { if (seq.size() < 1) { throw new IOException("not X.509 extension data in sequence"); } for (int i = 0; i < seq.size(); i++) { ASN1Sequence extSeq = (ASN1Sequence) seq.getObjectAt(i); if (extSeq.size() < 2) { throw new IOException("no enough data fields for X.509 extension in sequence"); } else if (extSeq.size() > 3) { throw new IOException("too many data fields for X.509 extension in sequence"); } String oid = null; boolean isCritical = false; byte[] value = null; for (int j = 0; j < extSeq.size(); j++) { ASN1TaggedObject obj = (ASN1TaggedObject) extSeq.getObjectAt(j); switch (obj.getTagNo()) { case 0: // oid ASN1ObjectIdentifier oidObj = ASN1ObjectIdentifier.getInstance(obj, false); oid = oidObj.getId(); break; case 1: // isCritical ASN1Boolean isCriticalObj = ASN1Boolean.getInstance(obj, false); isCritical = isCriticalObj.isTrue(); break; case 2: // value ASN1OctetString valueObj = ASN1OctetString.getInstance(obj, false); value = valueObj.getOctets(); break; default: throw new IOException("unknown x509extension ID: " + obj.getTagNo()); } } cert.addExtension(oid, isCritical, value); } }
From source file:jcifs.spnego.NegTokenTarg.java
License:Open Source License
@Override protected void parse(byte[] token) throws IOException { try (ASN1InputStream der = new ASN1InputStream(token)) { ASN1TaggedObject tagged = (ASN1TaggedObject) der.readObject(); ASN1Sequence sequence = ASN1Sequence.getInstance(tagged, true); Enumeration<?> fields = sequence.getObjects(); while (fields.hasMoreElements()) { tagged = (ASN1TaggedObject) fields.nextElement(); switch (tagged.getTagNo()) { case 0: ASN1Enumerated enumerated = ASN1Enumerated.getInstance(tagged, true); setResult(enumerated.getValue().intValue()); break; case 1: ASN1ObjectIdentifier mech = ASN1ObjectIdentifier.getInstance(tagged, true); setMechanism(new Oid(mech.getId())); break; case 2: ASN1OctetString mechanismToken = ASN1OctetString.getInstance(tagged, true); setMechanismToken(mechanismToken.getOctets()); break; case 3: ASN1OctetString mechanismListMIC = ASN1OctetString.getInstance(tagged, true); setMechanismListMIC(mechanismListMIC.getOctets()); break; default: throw new IOException("Malformed token field."); }//from ww w. j a va2s. c om } } catch (GSSException e) { throw new IOException("Failed to parse Oid", e); } }