Example usage for the org.bouncycastle.asn1.BERTaggedObject constructor

List of usage examples for the org.bouncycastle.asn1.BERTaggedObject constructor

Introduction

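This page shows an example usage of the constructor of org.bouncycastle.asn1.BERTaggedObject. Its explicit flag selects EXPLICIT (true) or IMPLICIT (false) tagging of the wrapped object, and tagNo is the tag number.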

Prototype

public BERTaggedObject(boolean explicit, int tagNo, ASN1Encodable obj) 


Usage

From source file: ca.trustpoint.m2m.M2mCertificateFactoryTest.java

License: Apache License

/**
 * Builds the byte-array fixtures shared by the tests in this class.
 *
 * <p>Assigns {@code fullCertData} (a fully populated M2M certificate),
 * {@code pkiPathInputData} (a DER SEQUENCE of three certificates),
 * {@code pkcs7InputData} (a PKCS#7 ContentInfo wrapping a SignedData-shaped
 * structure) and {@code expectedCertPathData}. It reads {@code signerData},
 * {@code issuerData} and {@code rootcaData}, which are declared outside this method.
 *
 * @throws Exception if any fixture cannot be decoded, parsed or encoded
 */
@BeforeClass
public static void initializeTests() throws Exception {
    // ---- Fixture 1: a certificate with every field populated ----
    M2mCertificate fullCert = new M2mCertificate();

    // serialNumber
    fullCert.setSerialNumber(Hex.decode("F964EF36"));

    // cAAlgorithm, CAAlgParams
    KeyAlgorithmDefinition caAlgorithm = new KeyAlgorithmDefinition();
    caAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);
    caAlgorithm.setParameters(Hex.decode("102030405060708090A0B0C0E0F0"));
    fullCert.setCaKeyDefinition(caAlgorithm);

    // issuer
    EntityName issuerName = new EntityName();
    issuerName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Country, "CA"));
    issuerName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MyRoot"));
    issuerName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.DomainComponent, "DomC"));
    issuerName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.OctetsName, "ca2f00"));
    fullCert.setIssuer(issuerName);

    // validFrom: the month argument is zero-based, so 7 means August. The calendar is built in
    // the JVM's default time zone, so the resulting instant varies with the machine running it.
    fullCert.setValidFrom(new GregorianCalendar(2016, 7, 1).getTime());

    // validDuration: 365 days, presumably in seconds (unit is defined by M2mCertificate; confirm)
    fullCert.setValidDuration(60 * 60 * 24 * 365);

    // subject
    EntityName subjectName = new EntityName();
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Country, "CA"));
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MyTest"));
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.DomainComponent, "DomC"));
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.OctetsName, "ca2f01"));
    fullCert.setSubject(subjectName);

    // pKAlgorithm, pKAlgParams
    KeyAlgorithmDefinition subjectKeyAlgorithm = new KeyAlgorithmDefinition();
    subjectKeyAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);
    subjectKeyAlgorithm.setParameters(Hex.decode("0102030405060708090A0B0C0E0F"));
    fullCert.setPublicKeyDefinition(subjectKeyAlgorithm);

    // pubKey
    // NOTE(review): this literal is 133 bytes (0x04 prefix plus two 66-byte coordinates), the size
    // of an uncompressed secp521r1 point, while pKAlgorithm above names a secp256r1 OID. That is
    // harmless if the fixture only exercises encoding, but code that verifies certificates should
    // not accept a key whose curve disagrees with the declared algorithm. Confirm the intent.
    byte[] encodedPoint = Hex.decode("040078EF059D605AB85B6A25A6EF31A1A73A632D3CB04DC606A8CA0B58239661"
            + "68CFAF6131D8D9B53F6BDF6B62946EC4B41D618FA3FF7F8BBFACBFD4F64FE3C3"
            + "3DA9D200A47AE528DC50B6F3876D7F5BA3C082D9927751E1A8C4F934D90942B3"
            + "5C57DFE311B2663E8D0187AD4EDE31BF9CD2AD8317107360522FDB6975AB2CD6"
            + "6DC029981F");
    boolean compressed = KeyConversionUtils.isCompressedEcPoint(encodedPoint);
    fullCert.setIsPublicKeyCompressed(compressed);

    PublicKey subjectPublicKey = KeyConversionUtils.convertRawBytestoEcPublicKey(encodedPoint);
    fullCert.setPublicKey(subjectPublicKey);

    // authKeyId
    AuthorityKeyIdentifier authorityKeyId = new AuthorityKeyIdentifier();
    authorityKeyId.setKeyIdentifier(Hex.decode("793F0C56"));
    authorityKeyId.setCertificateIssuer(new GeneralName(GeneralNameAttributeId.DnsName, "authKeyIdIssuer"));
    // BigInteger(byte[]) reads two's-complement bytes; the leading 0x72 keeps this value positive.
    authorityKeyId.setCertificateSerialNumber(new BigInteger(Hex.decode("729CB27DAE30")));
    fullCert.setAuthorityKeyIdentifier(authorityKeyId);

    // subjKeyId
    fullCert.setSubjectKeyIdentifier(Hex.decode("729CB27DAE31"));

    // keyUsage: only digitalSignature is set
    KeyUsage usageBits = new KeyUsage();
    usageBits.setDigitalSignature(true);
    fullCert.setKeyUsage(usageBits);

    // basicConstraints (presumably a path-length constraint; confirm against M2mCertificate)
    fullCert.setBasicConstraints(5);

    // certificatePolicy
    fullCert.setCertificatePolicy("1.2.66.148.0.12");

    // subjectAltName
    fullCert.setSubjectAlternativeName(new GeneralName(GeneralNameAttributeId.DnsName, "subjectAltName"));

    // issuerAltName
    fullCert.setIssuerAlternativeName(new GeneralName(GeneralNameAttributeId.DnsName, "issuerAltName"));

    // extendedKeyUsage
    fullCert.setExtendedKeyUsage("1.3.22.174.22");

    // authInfoAccessOCSP
    fullCert.setAuthenticationInfoAccessOcsp(new URI("https://ocsptest.trustpointinnovation.com"));

    // cRLDistribPointURI (same URL as the OCSP entry above)
    fullCert.setCrlDistributionPointUri(new URI("https://ocsptest.trustpointinnovation.com"));

    // x509extensions: the boolean presumably marks the extension as critical (confirm against
    // M2mCertificate.addExtension); one extension is added with true and one with false.
    fullCert.addExtension("1.5.24.632.0", true, Hex.decode("003a772fb1"));
    fullCert.addExtension("1.5.24.632.1", false, Hex.decode("98f2b10e27"));

    // cACalcValue: a hard-coded blob that begins like a DER SEQUENCE of two INTEGERs. It is not
    // computed over the fields set above, so this fixture presumably tests encoding only and
    // says nothing about signature validity.
    fullCert.setCaCalcValue(Hex.decode("3081880242014F15CAF8EF38626B2C7CFA85B9544E028668290CADB45F62E215"
            + "3EAAF5A9D51AF5BF0D02F2C057D3856B5CBFB3529C25B8481405924039FA612D"
            + "422AE9A1A85591024201868D3DFE5FC2BEDD2F7468B0B17ED2708E76CD0D37C4"
            + "4F4D0BB88693752046FCFC56D9818B32533B8992923C2C81499400AC44FBBECD"
            + "6324D8AE1DD41EC73A0B2A"));

    // get encoded data
    fullCertData = fullCert.getEncoded();

    // ---- Parse the three pre-encoded certificates used by the path fixtures ----
    ASN1Encodable signerCert = ASN1Primitive.fromByteArray(signerData);
    ASN1Encodable issuerCert = ASN1Primitive.fromByteArray(issuerData);
    ASN1Encodable rootCert = ASN1Primitive.fromByteArray(rootcaData);

    // ---- Fixture 2: PKI Path input, added root first and signer last ----
    ASN1EncodableVector pkiPathCerts = new ASN1EncodableVector();
    pkiPathCerts.add(rootCert);
    pkiPathCerts.add(issuerCert);
    pkiPathCerts.add(signerCert);
    pkiPathInputData = new DERSequence(pkiPathCerts).getEncoded();

    // ---- Fixture 3: PKCS7 input ----
    ASN1EncodableVector contentInfoFields = new ASN1EncodableVector();

    // contentType
    // NOTE(review): the OID is PKCSObjectIdentifiers.data although the content added below has
    // the shape of SignedData. A parser that accepts this input is evidently not enforcing the
    // contentType; confirm whether that leniency is intended.
    contentInfoFields.add(PKCSObjectIdentifiers.data);

    // content: signedData
    ASN1EncodableVector signedDataFields = new ASN1EncodableVector();

    // version
    signedDataFields.add(new ASN1Integer(BigInteger.ONE));

    // digestAlgorithmIds (empty set)
    signedDataFields.add(new DERSet());

    // contentInfo without content
    signedDataFields.add(new BERSequence(PKCSObjectIdentifiers.data));

    // certificates [0] IMPLICIT SET OF certificate
    // explicit=false: the [0] tag takes the place of the SET's own tag. DER requires SET OF
    // elements to be encoded in sorted order, so the insertion order below should not be relied
    // on to survive encoding.
    ASN1EncodableVector signedDataCerts = new ASN1EncodableVector();
    signedDataCerts.add(signerCert);
    signedDataCerts.add(issuerCert);
    signedDataCerts.add(rootCert);
    signedDataFields.add(new DERTaggedObject(false, 0, new DERSet(signedDataCerts)));

    // signerInfos (empty set): with no signer the container carries certificates but no
    // signature, so it authenticates nothing by itself; trust has to come from validating the
    // certificates against a trust anchor.
    signedDataFields.add(new DERSet());

    // content [0] EXPLICIT SEQUENCE signedData
    // explicit=true: the SEQUENCE keeps its own tag and is wrapped inside the [0] tag.
    BERSequence signedDataSequence = new BERSequence(signedDataFields);
    contentInfoFields.add(new BERTaggedObject(true, 0, signedDataSequence));

    // The outer containers are BER, which is not a canonical encoding: the same structure can
    // have more than one valid byte representation.
    pkcs7InputData = new BERSequence(contentInfoFields).getEncoded();

    // Construct cert path data list.
    // Certificates are stored in M2MCertPath from target to trust anchor.
    expectedCertPathData = new byte[][] { signerData, issuerData, rootcaData };
}