Package codec.x501

Examples of codec.x501.RFC2253Parser


     */
    public Attribute getAttribute(ASN1ObjectIdentifier oid) {
        // Returns the first attribute in this collection whose OID equals the
        // given one, or null when none matches. A null OID is rejected with a
        // NullPointerException.
        //
        // Only the first match is returned; duplicates with the same OID are
        // not detected here. Callers that need an attribute to be unique
        // (for example when checking ContentType or MessageDigest attributes
        // during signature verification) have to enforce that themselves.
        if (oid == null) {
            throw new NullPointerException("Need an OID!");
        }
        Iterator it = iterator();

        while (it.hasNext()) {
            Attribute candidate = (Attribute) it.next();
            if (candidate.getOID().equals(oid)) {
                return candidate;
            }
        }
        return null;
    }


     * instance automatically.
     *
     * @return The new attribute, ready to be decoded.
     */
    public ASN1Type newElement() {
        // Creates a fresh Attribute, handing it registry_ when one is set and
        // using the no-argument constructor otherwise, then appends it to this
        // collection via add() and returns that same instance to the caller.
        Attribute created = (registry_ == null)
                ? new Attribute()
                : new Attribute(registry_);

        add(created);
        return created;
    }

     * @param lk_id
     *                The localKeyId
     */
    public SafeContents(ASN1RegisteredType bag, String user_fn, byte[] lk_id) {
  super(SafeBag.class);
  Attribute attrUserFn = null;
  Attribute attrUserKeyId = null;

  // Add friendlyName (if present)
  if ((user_fn != null) && !user_fn.equals("")) {
      ASN1ObjectIdentifier fnOID = new ASN1ObjectIdentifier(FN_OID_);
      attrUserFn = new Attribute(fnOID, new ASN1BMPString(user_fn));
  }

  // add localKeyId (if present)
  if ((lk_id != null) && (lk_id.length > 0)) {
      ASN1ObjectIdentifier lkOID = new ASN1ObjectIdentifier(LK_OID_);
      attrUserKeyId = new Attribute(lkOID, new ASN1OctetString(lk_id));
  }

  // both present -> add both
  if ((user_fn != null) && (lk_id != null)) {
      Attribute[] attr = new Attribute[2];

      throws GeneralSecurityException {
  AlgorithmParameterSpec spec;
  ASN1ObjectIdentifier oid;
  ASN1OctetString octets;
  Attributes attributes;
  Attribute attribute;
  String sigalg;
  String mdalg;

  /*
   * Either a certificate or a SignerInfo is needed. We might do without
   * one of'em but not without both. The SignedData is need in every case.
   */
  if (info == null && cert == null) {
      throw new IllegalArgumentException(
        "Need either a SignerInfo or a certificate!");
  }
  if (sigdat == null) {
      throw new NullPointerException("Need a SignedData!");
  }
  target_ = sigdat;

  /*
   * If the SignerInfo is null then we try to get it from the SignedData.
   */
  if (info == null) {
      info = target_.getSignerInfo(cert);

      if (info == null) {
    throw new NoSuchSignerException("No signer info found for: "
      + cert.getIssuerDN().getName() + ", "
      + cert.getSerialNumber());
      }
  }
  /*
   * If we have a SignerInfo but no certificate the we try and see if we
   * can get it from the SignedData.
   */
  else if (cert == null) {
      cert = target_.getCertificate(info.getIssuerDN(), info
        .getSerialNumber());

      if (cert == null) {
    throw new CertificateException("No certificate available for: "
      + info.getIssuerDN().getName() + ", "
      + info.getSerialNumber());
      }
  }
  /*
   * We have both a SignerInfo and a certificate, now let's see if they
   * have matching issuer and serial number.
   */
  else {
      if (!info.equivIssuerAndSerialNumber(cert)) {
    throw new IllegalArgumentException(
      "SignerInfo and certificate don't match!");
      }
  }
  /*
   * At this point we should have both a SignerInfo and a matching
   * certificate.
   */
  info_ = info;
  cert_ = cert;
  sigalg = info_.getAlgorithm();

  /*
   * We now check for a simple one-step verification or a two-step
   * verification. One-step occurs only in the degenerate case that the
   * content type of the SignedData instance is DATA and there are no
   * authenticated attributes in it.
   *
   * Otherwise we have to check painfully for the various details on
   * required attributes.
   */
  attributes = info_.authenticatedAttributes();
  oid = target_.getContentType();

  if (attributes.size() > 0 || !oid.equals(DATA)) {
      twostep_ = true;

      attribute = info_.authenticatedAttributes().getAttribute(
        CONTENT_TYPE);

      if (attribute == null) {
    throw new NoSuchAttributeException(
      "ContentType attribute missing!");
      }
      if (attribute.valueCount() == 0) {
    throw new InvalidAttributeException(
      "ContentType attribute has no OID!");
      }
      if (!oid.equals(attribute.valueAt(0))) {
    throw new InvalidAttributeException(
      "ContentType attribute mismatch!");
      }
      attribute = info_.authenticatedAttributes().getAttribute(
        MESSAGE_DIGEST);

      if (attribute == null) {
    throw new NoSuchAttributeException(
      "MessageDigest attribute missing!");
      }
      if (attribute.valueCount() == 0) {
    throw new InvalidAttributeException(
      "MessageDigest attribute has no data!");
      }
      octets = (ASN1OctetString) attribute.valueAt(0);
      md_ = octets.getByteArray();
      mdalg = JCA.getName(JCA.getDigestOID(sigalg));

      if (mdalg == null) {
    throw new NoSuchAlgorithmException(

    public Signer(Signable sigdat, SignerInfo info, PrivateKey key)
      throws GeneralSecurityException {
  AlgorithmParameterSpec spec;
  ASN1ObjectIdentifier oid;
  Attributes attributes;
  Attribute attribute;
  String sigalg;
  String mdalg;

  /*
   * We can't do without both a SignerInfo and a private key.
   */
  if (sigdat == null || info == null || key == null) {
      throw new NullPointerException(
        "Need a Signable, SignerInfo and PrivateKey!");
  }
  info_ = info;
  target_ = sigdat;
  sigalg = info_.getAlgorithm();

  /*
   * Here comes the tough part. We have to check the authenticated
   * attributes. In the degenerated case of no authenticated attributes
   * and a content type of Data in the SignedData we do one-step signing.
   * In all other cases we have to use two steps and we have to add and/or
   * check attributes.
   */
  attributes = info_.authenticatedAttributes();
  oid = target_.getContentType();

  // CHANGED BY CV
  // if (attributes.size() > 0 || !oid.equals(DATA))
  if (attributes.size() > 0) {
      twostep_ = true;

      attribute = info_.authenticatedAttributes().getAttribute(
        CONTENT_TYPE);

      /*
       * If there is no content type attribute then we have to add one. If
       * there is one then we have to make sure that there is no mismatch.
       *
       * The code could correct and replace attributes with a wrong type,
       * but I guess it's better to throw an exception because something
       * with the application's code is probably wrong.
       */
      if (attribute == null) {
    attribute = new Attribute((ASN1ObjectIdentifier) CONTENT_TYPE
      .clone(), (ASN1ObjectIdentifier) oid.clone());

    attributes.add(attribute);
      } else if (attribute.valueCount() < 1) {
    throw new InvalidAttributeException(
      "Content type attribute has no value!");
      } else if (!attribute.valueAt(0).equals(oid)) {
    throw new InvalidAttributeException(
      "Content type attribute has wrong value!");
      }
      attribute = info_.authenticatedAttributes().getAttribute(
        MESSAGE_DIGEST);

     * certificates are likely to be distributed by other means as well (e.g.
     * LDAP). So there might not be a need to distribute them with
     * <code>SignedData</code> objects.
     */
    public void sign() throws GeneralSecurityException {
  Attribute attribute;
  byte[] b;

  if (twostep_) {
      b = digest_.digest();

      attribute = new Attribute((ASN1ObjectIdentifier) MESSAGE_DIGEST
        .clone(), new ASN1OctetString(b));

      info_.addAuthenticatedAttribute(attribute);
      info_.update(sig_);
  }

  }
  i_ = i;

  try {
      if (subject != null) {
    dn_ = new Name(subject.getName(), -1);
      }
  } catch (BadNameException e) {
      throw new IllegalArgumentException(e.getMessage());
  }
    }

   * @throws IllegalArgumentException
   *                 if the given <code>Principal</code> cannot be
   *                 parsed into a <code>Name</code>.
   */
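  public IdxKey(Principal issuer, BigInteger serial) {
      // Builds a lookup key from an issuer DN and a certificate serial number.
      //
      // The issuer is not stored as given: its string form is parsed into a
      // Name and rendered back with toString(), and the key keeps that
      // rendering. The original author's stated reason is that the JDK DN
      // Principal's equals(..) appears to compare RDNs only in the order in
      // which they occur, so a normalized string is used instead.
      //
      // NOTE(review): the meaning of the -1 argument is defined by Name and
      // is not visible here. The serial is stored unchecked and may be null.
      try {
          issuer_ = new Name(issuer.getName(), -1).toString();
      } catch (BadNameException e) {
          // Keep the parser's exception as the cause so a rejected DN can be
          // diagnosed from the stack trace, not only from the message text.
          throw new IllegalArgumentException(e.getMessage(), e);
      }
      serial_ = serial;
  }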

   * @throws IllegalArgumentException
   *                 if the given <code>Principal</code> cannot be
   *                 parsed into a <code>Name</code>.
   */
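  public IdxKey(Principal subject) {
      // Builds a lookup key from a subject DN only.
      //
      // The subject is not stored as given: its string form is parsed into a
      // Name and rendered back with toString(), and the key keeps that
      // rendering. The original author's stated reason is that the JDK DN
      // Principal's equals(..) does not compare names reliably, so a
      // normalized string is used instead.
      //
      // NOTE(review): the meaning of the -1 argument is defined by Name and
      // is not visible here.
      try {
          subject_ = new Name(subject.getName(), -1).toString();
      } catch (BadNameException e) {
          // Keep the parser's exception as the cause so a rejected DN can be
          // diagnosed from the stack trace, not only from the message text.
          throw new IllegalArgumentException(e.getMessage(), e);
      }
  }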

  certificationRequestInfo_ = new ASN1Sequence();

  version_ = new ASN1Integer(0);
  certificationRequestInfo_.add(version_);

  subject_ = new Name();
  certificationRequestInfo_.add(subject_);

  subjectPublicKeyInfo_ = new SubjectPublicKeyInfo();
  certificationRequestInfo_.add(subjectPublicKeyInfo_);
