List of usage examples for org.bouncycastle.asn1 DEROctetString DEROctetString
public DEROctetString(ASN1Encodable obj) throws IOException
From source file:org.candlepin.util.X509CRLStreamWriter.java
License:Open Source License
/** * Create an entry to be added to the CRL. * * @param serial// ww w . j a v a 2s . c o m * @param date * @param reason */ @SuppressWarnings({ "unchecked", "rawtypes" }) public void add(BigInteger serial, Date date, int reason) { if (locked) { throw new IllegalStateException("Cannot add to a locked stream."); } ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERInteger(serial)); v.add(new Time(date)); CRLReason crlReason = new CRLReason(reason); Vector extOids = new Vector(); Vector extValues = new Vector(); extOids.addElement(X509Extension.reasonCode); extValues.addElement(new X509Extension(false, new DEROctetString(crlReason.getDEREncoded()))); v.add(new X509Extensions(extOids, extValues)); newEntries.add(new DERSequence(v)); }
From source file:org.candlepin.util.X509CRLStreamWriter.java
License:Open Source License
/** * This method updates the crlNumber and authorityKeyIdentifier extensions. Any * other extensions are copied over unchanged. * @param extensions/*from ww w . jav a 2s . c o m*/ * @return * @throws IOException */ @SuppressWarnings("rawtypes") protected byte[] updateExtensions(byte[] obj) throws IOException { DERTaggedObject taggedExts = (DERTaggedObject) DERTaggedObject.fromByteArray(obj); DERSequence seq = (DERSequence) taggedExts.getObject(); ASN1EncodableVector modifiedExts = new ASN1EncodableVector(); // Now we need to read the extensions and find the CRL number and increment it, // and determine if its length changed. Enumeration objs = seq.getObjects(); while (objs.hasMoreElements()) { DERSequence ext = (DERSequence) objs.nextElement(); DERObjectIdentifier oid = (DERObjectIdentifier) ext.getObjectAt(0); if (X509Extension.cRLNumber.equals(oid)) { DEROctetString s = (DEROctetString) ext.getObjectAt(1); DERInteger i = (DERInteger) DERTaggedObject.fromByteArray(s.getOctets()); DERInteger newCrlNumber = new DERInteger(i.getValue().add(BigInteger.ONE)); X509Extension newNumberExt = new X509Extension(false, new DEROctetString(newCrlNumber.getDEREncoded())); ASN1EncodableVector crlNumber = new ASN1EncodableVector(); crlNumber.add(X509Extension.cRLNumber); crlNumber.add(newNumberExt.getValue()); modifiedExts.add(new DERSequence(crlNumber)); } else if (X509Extension.authorityKeyIdentifier.equals(oid)) { X509Extension newAuthorityKeyExt = new X509Extension(false, new DEROctetString(akiStructure.getDEREncoded())); ASN1EncodableVector aki = new ASN1EncodableVector(); aki.add(X509Extension.authorityKeyIdentifier); aki.add(newAuthorityKeyExt.getValue()); modifiedExts.add(new DERSequence(aki)); } else { modifiedExts.add(ext); } } DERSequence seqOut = new DERSequence(modifiedExts); DERTaggedObject out = new DERTaggedObject(true, 0, seqOut); return out.getDEREncoded(); }
From source file:org.candlepin.util.X509CRLStreamWriter.java
License:Open Source License
/** * Write a new nextUpdate time that is the same amount of time ahead of the new thisUpdate * time as the old nextUpdate was from the old thisUpdate. * * @param out/*w w w. j a v a 2s . com*/ * @param tagNo * @param oldThisUpdate * @throws IOException */ protected void offsetNextUpdate(OutputStream out, int tagNo, Date oldThisUpdate) throws IOException { int originalLength = readLength(crlIn, null); byte[] oldBytes = new byte[originalLength]; readFullyAndTrack(crlIn, oldBytes, null); DERObject oldTime = null; if (tagNo == UTC_TIME) { DERTaggedObject t = new DERTaggedObject(UTC_TIME, new DEROctetString(oldBytes)); oldTime = DERUTCTime.getInstance(t, false); } else { DERTaggedObject t = new DERTaggedObject(GENERALIZED_TIME, new DEROctetString(oldBytes)); oldTime = DERGeneralizedTime.getInstance(t, false); } /* Determine the time between the old thisUpdate and old nextUpdate and add it /* to the new nextUpdate. */ Date oldNextUpdate = new Time(oldTime).getDate(); long delta = oldNextUpdate.getTime() - oldThisUpdate.getTime(); Date newNextUpdate = new Date(new Date().getTime() + delta); DERObject newTime = null; if (tagNo == UTC_TIME) { newTime = new DERUTCTime(newNextUpdate); } else { newTime = new DERGeneralizedTime(newNextUpdate); } writeNewTime(out, newTime, originalLength); }
From source file:org.candlepin.util.X509CRLStreamWriter.java
License:Open Source License
/** * Replace a time in the ASN1 with the current time. * * @param out/*from w w w . j a v a 2 s .c o m*/ * @param tagNo * @return the time that was replaced * @throws IOException */ protected Date readAndReplaceTime(OutputStream out, int tagNo) throws IOException { int originalLength = readLength(crlIn, null); byte[] oldBytes = new byte[originalLength]; readFullyAndTrack(crlIn, oldBytes, null); DERObject oldTime = null; DERObject newTime = null; if (tagNo == UTC_TIME) { DERTaggedObject t = new DERTaggedObject(UTC_TIME, new DEROctetString(oldBytes)); oldTime = DERUTCTime.getInstance(t, false); newTime = new DERUTCTime(new Date()); } else { DERTaggedObject t = new DERTaggedObject(GENERALIZED_TIME, new DEROctetString(oldBytes)); oldTime = DERGeneralizedTime.getInstance(t, false); newTime = new DERGeneralizedTime(new Date()); } writeNewTime(out, newTime, originalLength); return new Time(oldTime).getDate(); }
From source file:org.ccnx.ccn.impl.security.crypto.CCNMerkleTree.java
License:Open Source License
/** * Compute the leaf values of the ContentObjects in this tree * @param contentObjects the content//from w w w .j a v a 2 s . c o m * @throws NoSuchAlgorithmException if the digestAlgorithm unknown */ protected void computeLeafValues(ContentObject[] contentObjects) throws NoSuchAlgorithmException { // Hash the leaves for (int i = 0; i < numLeaves(); ++i) { // DKS -- need to make sure content() doesn't clone try { ContentObject co = contentObjects[i]; byte[] blockDigest = CCNDigestHelper.digest(co.prepareContent()); _tree[leafNodeIndex(i) - 1] = new DEROctetString(blockDigest); if (Log.isLoggable(Log.FAC_SIGNING, Level.FINER)) { Log.finer(Log.FAC_SIGNING, "offset: " + 0 + " block length: " + co.contentLength() + " blockDigest " + DataUtils.printBytes(blockDigest) + " content digest: " + DataUtils.printBytes(CCNDigestHelper.digest(co.content(), 0, co.contentLength()))); } } catch (ContentEncodingException e) { Log.info("Exception in computeBlockDigest, leaf: " + i + " out of " + numLeaves() + " type: " + e.getClass().getName() + ": " + e.getMessage()); e.printStackTrace(); // DKS todo -- what to throw? } } }
From source file:org.ccnx.ccn.impl.security.crypto.MerkleTree.java
License:Open Source License
/** * Compute the raw digest of the leaf content blocks, and format them appropriately. * @param contentBlocks the leaf content, one leaf per array * @param isDigest have these been digested already, or do we need to digest * them using computeBlockDigest(int, byte [][], int, int)? * @param baseBlockIndex first block in the array to use * @param lastBlockLength number of bytes of the last block to use; N/A if isDigest is true * @throws NoSuchAlgorithmException if digestAlgorithm is unknown *///from w w w.j a v a2 s . com protected void computeLeafValues(byte contentBlocks[][], boolean isDigest, int baseBlockIndex, int lastBlockLength) throws NoSuchAlgorithmException { // Hash the leaves for (int i = 0; i < numLeaves(); ++i) { _tree[leafNodeIndex(i) - 1] = new DEROctetString((isDigest ? contentBlocks[i + baseBlockIndex] : computeBlockDigest(i, contentBlocks, baseBlockIndex, lastBlockLength))); } }
From source file:org.ccnx.ccn.impl.security.crypto.MerkleTree.java
License:Open Source License
/** * Compute the raw digest of the leaf content blocks, and format them appropriately. * uses computeBlockDigest(int, byte[], int, int) to compute the leaf digest. * @param content the content to segment into leaves and hash into this * Merkle hash tree. One blockWidth of content per leaf, except for the last leaf which may * be shorter.// w w w. ja v a 2s . co m * @param offset offset into content at which to start processing data. * @param length number of bytes of content to process * @param blockWidth the length of leaf blocks to create * @throws NoSuchAlgorithmException if digestAlgorithm is unknown */ protected void computeLeafValues(byte[] content, int offset, int length, int blockWidth) throws NoSuchAlgorithmException { // Hash the leaves for (int i = 0; i < numLeaves(); ++i) { _tree[leafNodeIndex(i) - 1] = new DEROctetString( (computeBlockDigest(i, content, offset + (blockWidth * i), ((i < numLeaves() - 1) ? blockWidth : (length - (blockWidth * i)))))); } }
From source file:org.ccnx.ccn.impl.security.crypto.MerkleTree.java
License:Open Source License
/** * Compute the intermediate node values by digesting the concatenation of the * left and right children (or the left child alone if there is no right child). * @throws NoSuchAlgorithmException if digestAlgorithm is unknown *//*ww w . ja v a 2 s . c om*/ protected void computeNodeValues() throws NoSuchAlgorithmException { // Climb the tree int firstNode = firstLeaf() - 1; for (int i = firstNode; i >= ROOT_NODE; --i) { byte[] nodeDigest = CCNDigestHelper.digest(digestAlgorithm(), get(leftChild(i)), get(rightChild(i))); _tree[i - 1] = new DEROctetString(nodeDigest); } }
From source file:org.ccnx.ccn.impl.security.crypto.util.AuthorityKeyIdentifier.java
License:Open Source License
public AuthorityKeyIdentifier(byte[] keyID, GeneralNames issuerName, BigInteger issuerSerial) { if (null != keyID) this._keyIdentifier = new DEROctetString(keyID); this._issuerName = issuerName; // clone if not null? if (null != issuerSerial) this._issuerSerial = new DERInteger(issuerSerial); }
From source file:org.ccnx.ccn.impl.security.crypto.util.AuthorityKeyIdentifier.java
License:Open Source License
public void setKeyIdentifier(byte[] keyID) { if (null != keyID) this._keyIdentifier = new DEROctetString(keyID); }