List of usage examples for org.bouncycastle.asn1 DERTaggedObject getTagNo
public int getTagNo()
From source file:be.fedict.eid.applet.service.signer.facets.XAdESXLSignatureFacet.java
License:Open Source License
/**
 * Upgrades an existing XAdES-BES signature in place by appending, in this order, the XAdES-T
 * signature time-stamp, the XAdES-C certificate and revocation references, the XAdES-X type 1
 * time-stamp and the XAdES-X-L certificate and revocation values to
 * {@code xades:UnsignedSignatureProperties}.
 *
 * <p>If no revocation data service is configured the method stops after the XAdES-T step.
 *
 * <p>NOTE(review): no signature or status validation of the CRLs and OCSP responses is visible in
 * this method; they are parsed, digested and embedded as returned by the revocation data service.
 * Presumably validation happens in that service -- confirm before relying on the embedded data.
 *
 * @param signatureElement the {@code ds:Signature} element to extend
 * @param signingCertificateChain the signing certificate (index 0) followed by its issuers
 * @throws IllegalArgumentException if the signature has no {@code xades:QualifyingProperties}
 * @throws RuntimeException on JAXB marshalling errors and on CRL, OCSP or certificate decoding errors
 */
public void postSign(Element signatureElement, List<X509Certificate> signingCertificateChain) {
    LOG.debug("XAdES-X-L post sign phase");

    // check for XAdES-BES
    Element qualifyingPropertiesElement = (Element) findSingleNode(signatureElement,
            "ds:Object/xades:QualifyingProperties");
    if (null == qualifyingPropertiesElement) {
        throw new IllegalArgumentException("no XAdES-BES extension present");
    }

    // create basic XML container structure, reusing the prefix of the existing XAdES element
    Document document = signatureElement.getOwnerDocument();
    String xadesNamespacePrefix;
    if (null != qualifyingPropertiesElement.getPrefix()) {
        xadesNamespacePrefix = qualifyingPropertiesElement.getPrefix() + ":";
    } else {
        xadesNamespacePrefix = "";
    }
    Element unsignedPropertiesElement = (Element) findSingleNode(qualifyingPropertiesElement,
            "xades:UnsignedProperties");
    if (null == unsignedPropertiesElement) {
        unsignedPropertiesElement = document.createElementNS(XADES_NAMESPACE,
                xadesNamespacePrefix + "UnsignedProperties");
        qualifyingPropertiesElement.appendChild(unsignedPropertiesElement);
    }
    Element unsignedSignaturePropertiesElement = (Element) findSingleNode(unsignedPropertiesElement,
            "xades:UnsignedSignatureProperties");
    if (null == unsignedSignaturePropertiesElement) {
        unsignedSignaturePropertiesElement = document.createElementNS(XADES_NAMESPACE,
                xadesNamespacePrefix + "UnsignedSignatureProperties");
        unsignedPropertiesElement.appendChild(unsignedSignaturePropertiesElement);
    }

    // create the XAdES-T time-stamp over ds:SignatureValue
    // NOTE(review): signatureValueNode is not null-checked here -- confirm that
    // createXAdESTimeStamp rejects a missing ds:SignatureValue.
    Node signatureValueNode = findSingleNode(signatureElement, "ds:SignatureValue");
    RevocationData tsaRevocationDataXadesT = new RevocationData();
    LOG.debug("creating XAdES-T time-stamp");
    XAdESTimeStampType signatureTimeStamp = createXAdESTimeStamp(Collections.singletonList(signatureValueNode),
            tsaRevocationDataXadesT, this.c14nAlgoId, this.timeStampService, this.objectFactory,
            this.xmldsigObjectFactory);

    // marshal the XAdES-T extension
    try {
        this.marshaller.marshal(this.objectFactory.createSignatureTimeStamp(signatureTimeStamp),
                unsignedSignaturePropertiesElement);
    } catch (JAXBException e) {
        throw new RuntimeException("JAXB error: " + e.getMessage(), e);
    }

    // xadesv141::TimeStampValidationData, only when the TSA step collected revocation data
    if (tsaRevocationDataXadesT.hasRevocationDataEntries()) {
        ValidationDataType validationData = createValidationData(tsaRevocationDataXadesT);
        try {
            this.marshaller.marshal(this.xades141ObjectFactory.createTimeStampValidationData(validationData),
                    unsignedSignaturePropertiesElement);
        } catch (JAXBException e) {
            throw new RuntimeException("JAXB error: " + e.getMessage(), e);
        }
    }

    if (null == this.revocationDataService) {
        /*
         * Without revocation data service we cannot construct the XAdES-C
         * extension.
         */
        return;
    }

    // XAdES-C: complete certificate refs
    CompleteCertificateRefsType completeCertificateRefs = this.objectFactory
            .createCompleteCertificateRefsType();
    CertIDListType certIdList = this.objectFactory.createCertIDListType();
    completeCertificateRefs.setCertRefs(certIdList);
    List<CertIDType> certIds = certIdList.getCert();
    for (int certIdx = 1; certIdx < signingCertificateChain.size(); certIdx++) {
        /*
         * We skip the signing certificate itself according to section
         * 4.4.3.2 of the XAdES 1.4.1 specification.
         */
        X509Certificate certificate = signingCertificateChain.get(certIdx);
        CertIDType certId = XAdESSignatureFacet.getCertID(certificate, this.objectFactory,
                this.xmldsigObjectFactory, this.digestAlgorithm, false);
        certIds.add(certId);
    }

    // XAdES-C: complete revocation refs
    CompleteRevocationRefsType completeRevocationRefs = this.objectFactory.createCompleteRevocationRefsType();
    RevocationData revocationData = this.revocationDataService.getRevocationData(signingCertificateChain);
    if (revocationData.hasCRLs()) {
        CRLRefsType crlRefs = this.objectFactory.createCRLRefsType();
        completeRevocationRefs.setCRLRefs(crlRefs);
        List<CRLRefType> crlRefList = crlRefs.getCRLRef();
        List<byte[]> crls = revocationData.getCRLs();
        for (byte[] encodedCrl : crls) {
            CRLRefType crlRef = this.objectFactory.createCRLRefType();
            crlRefList.add(crlRef);
            X509CRL crl;
            try {
                crl = (X509CRL) this.certificateFactory.generateCRL(new ByteArrayInputStream(encodedCrl));
            } catch (CRLException e) {
                throw new RuntimeException("CRL parse error: " + e.getMessage(), e);
            }
            CRLIdentifierType crlIdentifier = this.objectFactory.createCRLIdentifierType();
            crlRef.setCRLIdentifier(crlIdentifier);
            String issuerName;
            try {
                issuerName = PrincipalUtil.getIssuerX509Principal(crl).getName().replace(",", ", ");
            } catch (CRLException e) {
                throw new RuntimeException("CRL encoding error: " + e.getMessage(), e);
            }
            crlIdentifier.setIssuer(issuerName);
            crlIdentifier.setIssueTime(this.datatypeFactory
                    .newXMLGregorianCalendar(new DateTime(crl.getThisUpdate()).toGregorianCalendar()));
            crlIdentifier.setNumber(getCrlNumber(crl));
            // the digest is taken over the CRL bytes exactly as supplied, not over a re-encoding
            DigestAlgAndValueType digestAlgAndValue = XAdESSignatureFacet.getDigestAlgAndValue(encodedCrl,
                    this.objectFactory, this.xmldsigObjectFactory, this.digestAlgorithm);
            crlRef.setDigestAlgAndValue(digestAlgAndValue);
        }
    }
    if (revocationData.hasOCSPs()) {
        OCSPRefsType ocspRefs = this.objectFactory.createOCSPRefsType();
        completeRevocationRefs.setOCSPRefs(ocspRefs);
        List<OCSPRefType> ocspRefList = ocspRefs.getOCSPRef();
        List<byte[]> ocsps = revocationData.getOCSPs();
        for (byte[] ocsp : ocsps) {
            OCSPRefType ocspRef = this.objectFactory.createOCSPRefType();
            ocspRefList.add(ocspRef);
            DigestAlgAndValueType digestAlgAndValue = XAdESSignatureFacet.getDigestAlgAndValue(ocsp,
                    this.objectFactory, this.xmldsigObjectFactory, this.digestAlgorithm);
            ocspRef.setDigestAlgAndValue(digestAlgAndValue);

            OCSPIdentifierType ocspIdentifier = this.objectFactory.createOCSPIdentifierType();
            ocspRef.setOCSPIdentifier(ocspIdentifier);
            OCSPResp ocspResp;
            try {
                ocspResp = new OCSPResp(ocsp);
            } catch (IOException e) {
                throw new RuntimeException("OCSP decoding error: " + e.getMessage(), e);
            }
            Object ocspResponseObject;
            try {
                ocspResponseObject = ocspResp.getResponseObject();
            } catch (OCSPException e) {
                throw new RuntimeException("OCSP error: " + e.getMessage(), e);
            }
            // NOTE(review): the response status is not inspected and the cast is unchecked. If
            // getResponseObject() yields null (presumably the case for a non-successful response)
            // or another response type, the next two lines fail with a NullPointerException or
            // ClassCastException instead of a descriptive error -- confirm that the revocation
            // data service only hands over successful basic responses.
            BasicOCSPResp basicOcspResp = (BasicOCSPResp) ocspResponseObject;
            Date producedAt = basicOcspResp.getProducedAt();
            ocspIdentifier.setProducedAt(this.datatypeFactory
                    .newXMLGregorianCalendar(new DateTime(producedAt).toGregorianCalendar()));

            ResponderIDType responderId = this.objectFactory.createResponderIDType();
            ocspIdentifier.setResponderID(responderId);
            RespID respId = basicOcspResp.getResponderId();
            ResponderID ocspResponderId = respId.toASN1Object();
            DERTaggedObject derTaggedObject = (DERTaggedObject) ocspResponderId.toASN1Object();
            // Tag 2 is handled as the byKey choice (key hash octets). Every other tag number falls
            // through to the byName branch; the code does not verify that the tag is actually 1.
            if (2 == derTaggedObject.getTagNo()) {
                ASN1OctetString keyHashOctetString = (ASN1OctetString) derTaggedObject.getObject();
                responderId.setByKey(keyHashOctetString.getOctets());
            } else {
                X509Name name = X509Name.getInstance(derTaggedObject.getObject());
                responderId.setByName(name.toString());
            }
        }
    }

    // marshal XAdES-C into the first UnsignedSignatureProperties element found by namespace
    NodeList unsignedSignaturePropertiesNodeList = ((Element) qualifyingPropertiesElement)
            .getElementsByTagNameNS(XADES_NAMESPACE, "UnsignedSignatureProperties");
    Node unsignedSignaturePropertiesNode = unsignedSignaturePropertiesNodeList.item(0);
    try {
        this.marshaller.marshal(this.objectFactory.createCompleteCertificateRefs(completeCertificateRefs),
                unsignedSignaturePropertiesNode);
        this.marshaller.marshal(this.objectFactory.createCompleteRevocationRefs(completeRevocationRefs),
                unsignedSignaturePropertiesNode);
    } catch (JAXBException e) {
        throw new RuntimeException("JAXB error: " + e.getMessage(), e);
    }

    // XAdES-X Type 1 timestamp: covers the signature value, the XAdES-T time-stamp and both
    // XAdES-C reference elements, in that order
    List<Node> timeStampNodesXadesX1 = new LinkedList<Node>();
    timeStampNodesXadesX1.add(signatureValueNode);
    Node signatureTimeStampNode = findSingleNode(unsignedSignaturePropertiesNode, "xades:SignatureTimeStamp");
    timeStampNodesXadesX1.add(signatureTimeStampNode);
    Node completeCertificateRefsNode = findSingleNode(unsignedSignaturePropertiesNode,
            "xades:CompleteCertificateRefs");
    timeStampNodesXadesX1.add(completeCertificateRefsNode);
    Node completeRevocationRefsNode = findSingleNode(unsignedSignaturePropertiesNode,
            "xades:CompleteRevocationRefs");
    timeStampNodesXadesX1.add(completeRevocationRefsNode);

    RevocationData tsaRevocationDataXadesX1 = new RevocationData();
    LOG.debug("creating XAdES-X time-stamp");
    XAdESTimeStampType timeStampXadesX1 = createXAdESTimeStamp(timeStampNodesXadesX1, tsaRevocationDataXadesX1,
            this.c14nAlgoId, this.timeStampService, this.objectFactory, this.xmldsigObjectFactory);
    ValidationDataType timeStampXadesX1ValidationData;
    if (tsaRevocationDataXadesX1.hasRevocationDataEntries()) {
        timeStampXadesX1ValidationData = createValidationData(tsaRevocationDataXadesX1);
    } else {
        timeStampXadesX1ValidationData = null;
    }

    // marshal XAdES-X
    try {
        this.marshaller.marshal(this.objectFactory.createSigAndRefsTimeStamp(timeStampXadesX1),
                unsignedSignaturePropertiesNode);
        if (null != timeStampXadesX1ValidationData) {
            this.marshaller.marshal(
                    this.xades141ObjectFactory.createTimeStampValidationData(timeStampXadesX1ValidationData),
                    unsignedSignaturePropertiesNode);
        }
    } catch (JAXBException e) {
        throw new RuntimeException("JAXB error: " + e.getMessage(), e);
    }

    // XAdES-X-L: embed the full certificate chain (signing certificate included) and the
    // revocation values themselves
    CertificateValuesType certificateValues = this.objectFactory.createCertificateValuesType();
    List<Object> certificateValuesList = certificateValues.getEncapsulatedX509CertificateOrOtherCertificate();
    for (X509Certificate certificate : signingCertificateChain) {
        EncapsulatedPKIDataType encapsulatedPKIDataType = this.objectFactory.createEncapsulatedPKIDataType();
        try {
            encapsulatedPKIDataType.setValue(certificate.getEncoded());
        } catch (CertificateEncodingException e) {
            throw new RuntimeException("certificate encoding error: " + e.getMessage(), e);
        }
        certificateValuesList.add(encapsulatedPKIDataType);
    }
    RevocationValuesType revocationValues = createRevocationValues(revocationData);

    // marshal XAdES-X-L
    try {
        this.marshaller.marshal(this.objectFactory.createCertificateValues(certificateValues),
                unsignedSignaturePropertiesNode);
        this.marshaller.marshal(this.objectFactory.createRevocationValues(revocationValues),
                unsignedSignaturePropertiesNode);
    } catch (JAXBException e) {
        throw new RuntimeException("JAXB error: " + e.getMessage(), e);
    }
}
From source file:bluecrystal.bcdeps.helper.DerEncoder.java
License:Open Source License
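/**
 * Extracts the key identifier octets from an encoded Authority Key Identifier extension value.
 *
 * <p>The input is expected to be an OCTET STRING wrapping a SEQUENCE. Only the first element of
 * that sequence is examined, and it is accepted only when it carries context tag 0, the
 * {@code keyIdentifier} field of RFC 5280's AuthorityKeyIdentifier. Without the tag check the
 * octets of any other primitive tagged field in first position would be returned as if they were
 * the key identifier.
 *
 * @param extensionValue the extension value bytes, may be {@code null}
 * @param index unused; kept for interface compatibility
 * @return the key identifier octets, or {@code null} when the input is {@code null}, cannot be
 *         parsed, or does not start with a tag 0 octet string
 */
public static byte[] getAKI(byte[] extensionValue, int index) {
    if (extensionValue == null) {
        return null;
    }
    try (ASN1InputStream wrapperIn = new ASN1InputStream(new ByteArrayInputStream(extensionValue))) {
        ASN1Primitive wrapper = wrapperIn.readObject();
        if (!(wrapper instanceof DEROctetString)) {
            return null;
        }
        byte[] innerEncoding = ((DEROctetString) wrapper).getOctets();
        try (ASN1InputStream innerIn = new ASN1InputStream(new ByteArrayInputStream(innerEncoding))) {
            ASN1Primitive inner = innerIn.readObject();
            if (!(inner instanceof DLSequence)) {
                return null;
            }
            DLSequence fields = (DLSequence) inner;
            if (fields.size() == 0) {
                // all AuthorityKeyIdentifier fields are optional; nothing to return
                return null;
            }
            ASN1Encodable first = fields.getObjectAt(0);
            if (!(first instanceof DERTaggedObject)) {
                return null;
            }
            DERTaggedObject tagged = (DERTaggedObject) first;
            if (tagged.getTagNo() != 0) {
                // first field is not keyIdentifier; do not hand back some other field's bytes
                return null;
            }
            ASN1Primitive content = tagged.getObject();
            if (!(content instanceof DEROctetString)) {
                return null;
            }
            return ((DEROctetString) content).getOctets();
        }
    } catch (Exception e) {
        // Best effort, as before: malformed input yields null rather than an exception.
        // NOTE(review): route this through the project's logger instead of stderr.
        e.printStackTrace();
        return null;
    }
}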
From source file:com.github.horrorho.inflatabledonkey.data.der.DERIterator.java
License:Open Source License
/**
 * Splits the enumerated ASN.1 primitives into tagged and untagged elements.
 *
 * <p>Each {@code DERTaggedObject} is stored in {@code derTaggedObjects} under its tag number,
 * every other element is appended to {@code list}; {@code iterator} then walks {@code list}.
 *
 * <p>NOTE(review): if {@code derTaggedObjects} is a plain map, a repeated tag number silently
 * replaces the earlier entry -- confirm that is acceptable for input that was not validated.
 *
 * @param enumeration elements to consume; each one is cast to {@code ASN1Primitive}
 */
DERIterator(Enumeration enumeration) {
    while (enumeration.hasMoreElements()) {
        ASN1Primitive element = (ASN1Primitive) enumeration.nextElement();
        if (!(element instanceof DERTaggedObject)) {
            list.add(element);
            continue;
        }
        DERTaggedObject taggedElement = (DERTaggedObject) element;
        derTaggedObjects.put(taggedElement.getTagNo(), taggedElement.getObject());
    }
    iterator = list.iterator();
}
From source file:com.jlocksmith.util.ExtensionUtil.java
License:Open Source License
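/**
 * Get Private Key Usage Period
 *
 * <p>Renders each tagged time of the extension value as one line of display text. The message
 * pattern is looked up under {@code "PrivateKeyUsagePeriod." + tag number}.
 *
 * <p>NOTE(review): the tag number comes from the certificate being displayed and is used in the
 * resource key unchecked; a tag for which no pattern exists presumably surfaces as a lookup
 * failure in {@code localeUtil} -- confirm. The casts are unchecked as well, so a malformed
 * extension fails with a {@code ClassCastException}.
 *
 * @param bytes encoded extension value
 *
 * @return String one line per contained time, each terminated by a newline
 *
 * @throws IOException if the value cannot be decoded
 * @throws ParseException if a contained time cannot be parsed
 */
private String getPrivateKeyUsagePeriod(byte[] bytes) throws IOException, ParseException {
    ASN1Sequence times = (ASN1Sequence) toDERObject(bytes);

    StringBuilder text = new StringBuilder();

    for (int i = 0, len = times.size(); i < len; i++) {
        DERTaggedObject derTag = (DERTaggedObject) times.getObjectAt(i);
        DEROctetString dOct = (DEROctetString) derTag.getObject();
        // GeneralizedTime is ASCII text; decode it explicitly instead of with the platform
        // default charset. "US-ASCII" is supported on every Java platform.
        DERGeneralizedTime dTime = new DERGeneralizedTime(new String(dOct.getOctets(), "US-ASCII"));

        text.append(MessageFormat.format(localeUtil.getString("PrivateKeyUsagePeriod." + derTag.getTagNo()),
                new Object[] { formatGeneralizedTime(dTime) }));
        text.append('\n');
    }

    return text.toString();
}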
From source file:com.jlocksmith.util.ExtensionUtil.java
License:Open Source License
/**
 * Get Authority Key Identifier String Value
 *
 * <p>Walks the tagged fields of the extension value: tag 0 is taken as the key identifier, tag 1
 * as the certificate issuer names and tag 2 as the certificate serial number. Other tags are
 * ignored. Whatever was found is rendered one item per line.
 *
 * <p>NOTE(review): all casts are unchecked, so an extension whose fields do not have the expected
 * types fails with a {@code ClassCastException} rather than an {@code IOException}.
 *
 * @param bytes encoded extension value
 *
 * @return String display text for the extension
 *
 * @throws IOException if the value cannot be decoded
 */
private String getAuthorityKeyIdentifierStringValue(byte[] bytes) throws IOException {
    ASN1Sequence fields = (ASN1Sequence) toDERObject(bytes);

    DEROctetString keyId = null;
    ASN1Sequence issuerNames = null;
    DEROctetString serialNumber = null;

    final int fieldCount = fields.size();
    for (int idx = 0; idx < fieldCount; idx++) {
        DERTaggedObject field = (DERTaggedObject) fields.getObjectAt(idx);
        DERObject content = field.getObject();
        int tagNo = field.getTagNo();

        if (tagNo == 0) {
            keyId = (DEROctetString) content;
        } else if (tagNo == 1) {
            // a single name is wrapped so that the output loop below can treat both shapes alike
            issuerNames = (content instanceof ASN1Sequence) ? (ASN1Sequence) content : new DERSequence(content);
        } else if (tagNo == 2) {
            serialNumber = (DEROctetString) content;
        }
    }

    StringBuffer text = new StringBuffer();

    if (keyId != null) {
        byte[] keyIdBytes = keyId.getOctets();
        String line = MessageFormat.format(localeUtil.getString("KeyIdentifier"),
                new Object[] { convertToHexString(keyIdBytes) });
        text.append(line);
        text.append('\n');
    }

    if (issuerNames != null) {
        text.append(localeUtil.getString("CertificateIssuer"));
        text.append('\n');

        final int nameCount = issuerNames.size();
        for (int idx = 0; idx < nameCount; idx++) {
            DERTaggedObject issuerName = (DERTaggedObject) issuerNames.getObjectAt(idx);
            text.append('\t');
            text.append(getGeneralNameString(issuerName));
            text.append('\n');
        }
    }

    if (serialNumber != null) {
        byte[] serialBytes = serialNumber.getOctets();
        String line = MessageFormat.format(localeUtil.getString("CertificateSerialNumber"),
                new Object[] { convertToHexString(serialBytes) });
        text.append(line);
        text.append('\n');
    }

    return text.toString();
}
From source file:com.jlocksmith.util.ExtensionUtil.java
License:Open Source License
/**
 * Get Policy Constraints String Value
 *
 * <p>Each tagged element is decoded as an integer skip count. Tag 0 is rendered with the
 * {@code RequireExplicitPolicy} pattern, tag 1 with {@code InhibitPolicyMapping}; elements with
 * any other tag are decoded but produce no output.
 *
 * <p>NOTE(review): {@code intValue()} narrows silently, so a value outside the {@code int} range
 * is displayed truncated. The casts are unchecked.
 *
 * @param bytes encoded extension value
 *
 * @return String display text, one line per recognised constraint
 *
 * @throws IOException if the value cannot be decoded
 */
private String getPolicyConstraintsStringValue(byte[] bytes) throws IOException {
    ASN1Sequence constraints = (ASN1Sequence) toDERObject(bytes);
    StringBuffer text = new StringBuffer();

    final int count = constraints.size();
    for (int pos = 0; pos < count; pos++) {
        DERTaggedObject constraint = (DERTaggedObject) constraints.getObjectAt(pos);

        // decoded for every element, recognised tag or not, exactly as the switch form did
        byte[] rawValue = ((DEROctetString) constraint.getObject()).getOctets();
        int skipCount = new DERInteger(rawValue).getValue().intValue();

        String patternKey;
        int tagNo = constraint.getTagNo();
        if (tagNo == 0) {
            patternKey = "RequireExplicitPolicy";
        } else if (tagNo == 1) {
            patternKey = "InhibitPolicyMapping";
        } else {
            continue;
        }

        text.append(MessageFormat.format(localeUtil.getString(patternKey), new Object[] { "" + skipCount }));
        text.append('\n');
    }

    return text.toString();
}
From source file:com.jlocksmith.util.ExtensionUtil.java
License:Open Source License
/**
 * Get General Name String
 *
 * <p>Formats one GeneralName for display, selecting the message pattern by tag number: 0 other
 * name, 1 RFC 822 name, 2 DNS name, 4 directory name, 6 URI, 7 IP address, 8 registered ID. Any
 * other tag is reported with the {@code UnsupportedGeneralNameType} pattern.
 *
 * <p>NOTE(review): the text forms (tags 1, 2 and 6) are decoded with the platform default charset
 * and passed on unfiltered, so control characters or embedded NUL bytes in a certificate reach
 * the display as they are -- consider an explicit charset and escaping non-printable characters.
 * Tags 7 and 8 print the raw bytes as dot-separated decimals, which only matches the usual
 * notation for four-byte IPv4 addresses.
 *
 * @param generalName the tagged GeneralName to format
 *
 * @return String display text for the name
 */
private String getGeneralNameString(DERTaggedObject generalName) {
    switch (generalName.getTagNo()) {
    case 0: {
        ASN1Sequence otherName = (ASN1Sequence) generalName.getObject();
        String typeOid = ((DERObjectIdentifier) otherName.getObjectAt(0)).getId();
        String value = getObjectString(otherName.getObjectAt(1));
        return MessageFormat.format(localeUtil.getString("OtherGeneralName"), new Object[] { typeOid, value });
    }
    case 1: {
        DEROctetString encoded = (DEROctetString) generalName.getObject();
        String mailbox = new String(encoded.getOctets());
        return MessageFormat.format(localeUtil.getString("Rfc822GeneralName"), new Object[] { mailbox });
    }
    case 2: {
        // DNS Name
        DEROctetString encoded = (DEROctetString) generalName.getObject();
        String hostName = new String(encoded.getOctets());
        return MessageFormat.format(localeUtil.getString("DnsGeneralName"), new Object[] { hostName });
    }
    case 4: {
        // Directory Name
        ASN1Sequence encoded = (ASN1Sequence) generalName.getObject();
        X509Name directoryName = new X509Name(encoded);
        return MessageFormat.format(localeUtil.getString("DirectoryGeneralName"),
                new Object[] { directoryName.toString() });
    }
    case 6: {
        // URI
        DEROctetString encoded = (DEROctetString) generalName.getObject();
        String location = new String(encoded.getOctets());
        return MessageFormat.format(localeUtil.getString("UriGeneralName"), new Object[] { location });
    }
    case 7: {
        // IP Address
        byte[] addressBytes = ((DEROctetString) generalName.getObject()).getOctets();
        StringBuffer dotted = new StringBuffer();
        for (int pos = 0; pos < addressBytes.length; pos++) {
            if (pos > 0) {
                dotted.append('.');
            }
            // mask to read the byte as an unsigned value
            dotted.append(addressBytes[pos] & 0xFF);
        }
        return MessageFormat.format(localeUtil.getString("IpAddressGeneralName"),
                new Object[] { dotted.toString() });
    }
    case 8: {
        byte[] idBytes = ((DEROctetString) generalName.getObject()).getOctets();
        StringBuffer dotted = new StringBuffer();
        for (int pos = 0; pos < idBytes.length; pos++) {
            if (pos > 0) {
                dotted.append('.');
            }
            // mask to read the byte as an unsigned value
            dotted.append(idBytes[pos] & 0xFF);
        }
        return MessageFormat.format(localeUtil.getString("RegisteredIdGeneralName"),
                new Object[] { dotted.toString() });
    }
    default:
        return MessageFormat.format(localeUtil.getString("UnsupportedGeneralNameType"),
                new Object[] { "" + generalName.getTagNo() });
    }
}
From source file:com.novosec.pkix.asn1.cmp.RevRepContent.java
License:Open Source License
/**
 * Builds the content from its ASN.1 sequence.
 *
 * <p>The first element must be a sequence of status entries, which are added to {@code status}.
 * Every following element must be a tagged object: tag 0 holds a sequence of certificate
 * identifiers added to {@code revCerts}, tag 1 a sequence of certificate lists added to
 * {@code crls}. Elements with any other tag are skipped without an error.
 *
 * <p>NOTE(review): the first {@code nextElement()} call and all casts are unchecked, so an empty
 * or malformed sequence fails with {@code NoSuchElementException} or {@code ClassCastException}.
 *
 * @param seq the encoded structure
 */
public RevRepContent(ASN1Sequence seq) {
    Enumeration elements = seq.getObjects();

    Enumeration statusEntries = ((ASN1Sequence) elements.nextElement()).getObjects();
    while (statusEntries.hasMoreElements()) {
        status.addElement(PKIStatusInfo.getInstance(statusEntries.nextElement()));
    }

    while (elements.hasMoreElements()) {
        DERTaggedObject tagged = (DERTaggedObject) elements.nextElement();
        int tagNo = tagged.getTagNo();

        if (tagNo == 0) {
            Enumeration certIds = ((ASN1Sequence) tagged.getObject()).getObjects();
            while (certIds.hasMoreElements()) {
                revCerts.addElement(CertId.getInstance(certIds.nextElement()));
            }
        } else if (tagNo == 1) {
            Enumeration certLists = ((ASN1Sequence) tagged.getObject()).getObjects();
            while (certLists.hasMoreElements()) {
                crls.addElement(CertificateList.getInstance(certLists.nextElement()));
            }
        }
    }
}
From source file:com.novosec.pkix.asn1.crmf.CertTemplate.java
License:Open Source License
/**
 * Builds the template from its ASN.1 sequence; a {@code null} sequence leaves every field unset.
 *
 * <p>Each element must be a tagged object whose tag number selects the field: 0 version,
 * 1 serial number, 2 signing algorithm, 3 issuer, 4 validity, 5 subject, 6 public key,
 * 7 issuer UID, 8 subject UID, 9 extensions. The two name fields are read with
 * {@code bNameIsExplicit}, all others as implicitly tagged.
 *
 * <p>NOTE(review): a tag number that occurs twice overwrites the earlier value without an error,
 * and the cast of each element is unchecked.
 *
 * @param seq the encoded structure, may be {@code null}
 * @throws IllegalArgumentException if an element is {@code null} or carries a tag outside 0-9
 */
public CertTemplate(ASN1Sequence seq) {
    if (seq == null) {
        return;
    }

    for (Enumeration fields = seq.getObjects(); fields != null && fields.hasMoreElements();) {
        DERTaggedObject field = (DERTaggedObject) fields.nextElement();

        int tagNo = -1;
        if (field != null) {
            tagNo = field.getTagNo();
        }

        switch (tagNo) {
        case 0:
            this.version = DERInteger.getInstance(field, false);
            break;
        case 1:
            this.serialNumber = DERInteger.getInstance(field, false);
            break;
        case 2:
            this.signingAlg = AlgorithmIdentifier.getInstance(field, false);
            break;
        case 3:
            this.issuer = X509Name.getInstance(field, bNameIsExplicit);
            break;
        case 4:
            this.validity = OptionalValidity.getInstance(field, false);
            break;
        case 5:
            this.subject = X509Name.getInstance(field, bNameIsExplicit);
            break;
        case 6:
            this.publicKey = SubjectPublicKeyInfo.getInstance(field, false);
            break;
        case 7:
            this.issuerUID = DERBitString.getInstance(field, false);
            break;
        case 8:
            this.subjectUID = DERBitString.getInstance(field, false);
            break;
        case 9:
            this.extensions = X509Extensions.getInstance(field, false);
            break;
        default:
            throw new IllegalArgumentException("invalid asn1 sequence");
        }
    }
}
From source file:com.novosec.pkix.asn1.crmf.EncryptedValue.java
License:Open Source License
/**
 * Builds the value from its ASN.1 sequence.
 *
 * <p>Tagged elements fill the optional fields by tag number: 0 intended algorithm, 1 symmetric
 * algorithm, 2 encrypted symmetric key, 3 key algorithm, 4 value hint; other tags are skipped.
 * The first untagged element is taken as the encrypted value and ends parsing, so anything that
 * follows it in the sequence is not read.
 *
 * <p>NOTE(review): a repeated tag overwrites the earlier value, and a sequence with no untagged
 * element leaves {@code encValue} unset; neither case is reported here.
 *
 * @param seq the encoded structure
 */
public EncryptedValue(ASN1Sequence seq) {
    Enumeration elements = seq.getObjects();

    while (elements.hasMoreElements()) {
        Object element = elements.nextElement();

        if (!(element instanceof DERTaggedObject)) {
            encValue = DERBitString.getInstance(element);
            // the encrypted value is the last field that is read
            break;
        }

        DERTaggedObject tagged = (DERTaggedObject) element;
        int tagNo = tagged.getTagNo();
        if (tagNo == 0) {
            this.intendedAlg = AlgorithmIdentifier.getInstance(tagged.getObject());
        } else if (tagNo == 1) {
            this.symmAlg = AlgorithmIdentifier.getInstance(tagged.getObject());
        } else if (tagNo == 2) {
            this.encSymmKey = DERBitString.getInstance(tagged.getObject());
        } else if (tagNo == 3) {
            this.keyAlg = AlgorithmIdentifier.getInstance(tagged.getObject());
        } else if (tagNo == 4) {
            this.valueHint = (DEROctetString) DEROctetString.getInstance(tagged.getObject());
        }
    }
}