List of usage examples for org.bouncycastle.asn1 DERObjectIdentifier toString
public String toString()
From source file:br.gov.frameworkdemoiselle.certificate.signer.util.ValidadorUtil.java
License:Open Source License
public static void validate(X509Certificate certificate) { /*// w ww. ja v a2s .co m * Assinaturas digitais geradas segundo esta Poltica de Assinatura * devero ser criadas com chave privada associada ao certificado * ICP-Brasil * tipo A1 (do OID 2.16.76.1.2.1.1 ao OID * 2.16.76.1.2.1.100), tipo A2 (do OID 2.16.76.1.2.2.1 ao OID * 2.16.76.1.2.2.100), do tipo A3 (do OID 2.16.76.1.2.3.1 ao OID * 2.16.76.1.2.3.100) e do tipo A4 (do OID 2.16.76.1.2.4.1 ao OID * 2.16.76.1.2.4.100), conforme definido em DOC-ICP-04. */ try { byte[] val1 = certificate.getExtensionValue("2.5.29.32"); ASN1InputStream ans1InputStream = new ASN1InputStream(new ByteArrayInputStream(val1)); DERObject derObject = ans1InputStream.readObject(); ans1InputStream.close(); DEROctetString derOctetString = (DEROctetString) derObject; byte[] val2 = derOctetString.getOctets(); ASN1InputStream asn1InputStream2 = new ASN1InputStream(new ByteArrayInputStream(val2)); DERObject derObject2 = asn1InputStream2.readObject(); asn1InputStream2.close(); DERSequence derSequence = (DERSequence) derObject2; DERSequence derObject3 = (DERSequence) derSequence.getObjectAt(0).getDERObject(); DERObjectIdentifier objectIdentifier = (DERObjectIdentifier) derObject3.getObjectAt(0); String identificador = objectIdentifier.toString(); if (!(identificador.startsWith("2.16.76.1.2.1.") || identificador.startsWith("2.16.76.1.2.2.") || identificador.startsWith("2.16.76.1.2.3.") || identificador.startsWith("2.16.76.1.2.4."))) { throw new SignerException("O OID no corresponde a uma Poltica de Certificado."); } int sufixo = Integer.parseInt(identificador.substring(identificador.lastIndexOf(".") + 1)); if (sufixo < 1 || sufixo > 100) { throw new SignerException("O certificado deve ser do tipo A1, A2, A3 ou A4."); } } catch (Throwable error) { throw new SignerException( "A assinaturas digital deve ser criada com chave privada associada ao certificado ICP-Brasil tipo A1, A2, A3 ou A4", error); } }
From source file:com.yacme.ext.oxsit.cust_it.comp.security.cert.X509CertDisplayBase_IT.java
License:Open Source License
protected String initSignatureAlgorithm() { DERObjectIdentifier oi = m_aX509.getSignatureAlgorithm().getObjectId(); return new String( "" + ((oi.equals(X509CertificateStructure.sha1WithRSAEncryption)) ? "pkcs-1 sha1WithRSAEncryption" : oi.toString())); }
From source file:org.glite.voms.PKIUtils.java
License:Open Source License
/** * Gets an OpenSSL-style representation of a principal. * * @param principal the principal// w ww .ja v a 2s .co m * * @return a String representing the principal. */ public static String getOpenSSLFormatPrincipal(Principal principal) { X509Name name = new X509Name(principal.getName()); Vector oids = name.getOIDs(); Vector values = name.getValues(); ListIterator oids_iter = oids.listIterator(); ListIterator values_iter = values.listIterator(); String result = new String(); while (oids_iter.hasNext()) { DERObjectIdentifier oid = (DERObjectIdentifier) oids_iter.next(); String value = (String) values_iter.next(); if (oid.equals(X509Name.C)) result += "/C=" + value; else if (oid.equals(X509Name.CN)) result += "/CN=" + value; else if (oid.equals(X509Name.DC)) result += "/DC=" + value; else if (oid.equals(X509Name.E)) result += "/E=" + value; else if (oid.equals(X509Name.EmailAddress)) result += "/Email=" + value; else if (oid.equals(X509Name.L)) result += "/L=" + value; else if (oid.equals(X509Name.O)) result += "/O=" + value; else if (oid.equals(X509Name.OU)) result += "/OU=" + value; else if (oid.equals(X509Name.ST)) result += "/ST=" + value; else if (oid.equals(X509Name.UID)) result += "/UID=" + value; else result += "/" + oid.toString() + "=" + value; } logger.debug("SSLFormat: " + result); return result; }
From source file:org.signserver.module.mrtdsodsigner.jmrtd.SODFile.java
License:Open Source License
/** * Gets the name of the algorithm used in the signature. * // w w w . j a va 2 s . co m * @return an algorithm string such as "SHA256withRSA" */ public String getDigestEncryptionAlgorithm() { try { final DERObjectIdentifier algorithm = getSignerInfo(signedData).getDigestEncryptionAlgorithm() .getAlgorithm(); String result = lookupMnemonicByOID(algorithm); if (PKCS1_RSA_PSS_OID.toString().equals(algorithm.toString())) { try { final ASN1Encodable parameters = getSignerInfo(signedData).getDigestEncryptionAlgorithm() .getParameters(); if (parameters != null) { AlgorithmParameters params = AlgorithmParameters.getInstance("PSS"); params.init(parameters.toASN1Primitive().getEncoded()); final PSSParameterSpec spec = params.getParameterSpec(PSSParameterSpec.class); result = lookupMnemonicByOID(new DERObjectIdentifier(spec.getDigestAlgorithm())) + "withRSAand" + lookupMnemonicByOID(new DERObjectIdentifier(spec.getMGFAlgorithm())); } } catch (InvalidParameterSpecException ignored) { } catch (IOException ignored) { } } return result; } catch (NoSuchAlgorithmException nsae) { nsae.printStackTrace(); throw new IllegalStateException(nsae.toString()); } }