Package org.apache.commons.ssl.asn1

Examples of org.apache.commons.ssl.asn1.ASN1Set

268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
            mdc_tmp = (MessageDigest)mdc.clone();
        } catch(Exception e) {}

        byte[] currentData = new byte[0];

        ASN1Set sk = si.getAuthenticatedAttributes();
        try {
            if(sk != null && sk.size() > 0) {
                byte[] md_dat = mdc_tmp.digest();
                ASN1OctetString message_digest = digestFromAttributes(sk);
                if(message_digest == null) {
                    throw new PKCS7Exception(F_PKCS7_SIGNATUREVERIFY, R_UNABLE_TO_FIND_MESSAGE_DIGEST);
                }
                if(!Arrays.equals(md_dat, message_digest.getOctets())) {
                    throw new NotVerifiedPKCS7Exception();
                }

                currentData = sk.getEncoded();
            }

            ASN1OctetString os = si.getEncryptedDigest();
            PublicKey pkey = x509.getPublicKey();
View Full Code Here
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
        Collection<SignerInfoWithPkey> siSk = null;
        BIO btmp;
        byte[] buf;
        MessageDigest mdc = null;
        MessageDigest ctx_tmp = null;
        ASN1Set sk;

        int i = this.data.getType();

        switch(i) {
        case ASN1Registry.NID_pkcs7_signedAndEnveloped:
            siSk = getSignedAndEnveloped().getSignerInfo();
            break;
        case ASN1Registry.NID_pkcs7_signed:
            siSk = getSign().getSignerInfo();
            break;
        case ASN1Registry.NID_pkcs7_digest:
            break;
        default:
            break;
        }

        if(siSk != null) {
            for(SignerInfoWithPkey si : siSk) {
                if(si.getPkey() == null) {
                    continue;
                }
                int j = ASN1Registry.obj2nid(si.getDigestAlgorithm().getObjectId());
                btmp = bio;
                MessageDigest[] _mdc = new MessageDigest[] {mdc};
                btmp = findDigest(_mdc, btmp, j);
                mdc = _mdc[0];
                if(btmp == null) {
                    return 0;
                }

                try {
                    ctx_tmp = (MessageDigest)mdc.clone();
                } catch(CloneNotSupportedException e) {
                    throw new RuntimeException(e);
                }
               
                sk = si.getAuthenticatedAttributes();

                Signature sign = null;

                try {
                    if(sk != null && sk.size() > 0) {
                        /* Add signing time if not already present */
                        if(null == si.getSignedAttribute(ASN1Registry.NID_pkcs9_signingTime)) {
                            DERUTCTime signTime = new DERUTCTime(Calendar.getInstance(TimeZone.getTimeZone("UTC")).getTime());
                            si.addSignedAttribute(ASN1Registry.NID_pkcs9_signingTime, signTime);
                        }

                        byte[] md_data = ctx_tmp.digest();
                        ASN1OctetString digest = new DEROctetString(md_data);
                        si.addSignedAttribute(ASN1Registry.NID_pkcs9_messageDigest, digest);

                        sk = si.getAuthenticatedAttributes();
                        sign = Signature.getInstance(EVP.signatureAlgorithm(ctx_tmp, si.getPkey()));
                        sign.initSign(si.getPkey());

                        byte[] abuf = sk.getEncoded();
                        sign.update(abuf);
                    }

                    if(sign != null) {
                        byte[] out = sign.sign();
View Full Code Here
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
     * SignerInfos ::= SET OF SignerInfo
     */
    public static Signed fromASN1(DEREncodable content) throws PKCS7Exception{
        ASN1Sequence sequence = (ASN1Sequence)content;
        DERInteger version = (DERInteger)sequence.getObjectAt(0);
        ASN1Set digestAlgos = (ASN1Set)sequence.getObjectAt(1);
        DEREncodable contentInfo = sequence.getObjectAt(2);

        DEREncodable certificates = null;
        DEREncodable crls = null;

        int index = 3;
        DEREncodable tmp = sequence.getObjectAt(index);
        if((tmp instanceof DERTaggedObject) && ((DERTaggedObject)tmp).getTagNo() == 0) {
            certificates = ((DERTaggedObject)tmp).getObject();
            index++;
        }

        tmp = sequence.getObjectAt(index);
        if((tmp instanceof DERTaggedObject) && ((DERTaggedObject)tmp).getTagNo() == 1) {
            crls = ((DERTaggedObject)tmp).getObject();
            index++;
        }

        ASN1Set signerInfos = (ASN1Set)sequence.getObjectAt(index);

        Signed signed = new Signed();
        signed.setVersion(version.getValue().intValue());
        signed.setMdAlgs(algorithmIdentifiersFromASN1Set(digestAlgos));
        signed.setContents(PKCS7.fromASN1(contentInfo));
View Full Code Here
343
344
345
346
347
348
349
350
351
352
353
354
            throw new PKCS7Exception(PKCS7.F_B64_READ_PKCS7, PKCS7.R_CERTIFICATE_VERIFY_ERROR, cpe);
        }
    }

    private static Set<AlgorithmIdentifier> algorithmIdentifiersFromASN1Set(DEREncodable content) {
        ASN1Set set = (ASN1Set)content;
        Set<AlgorithmIdentifier> result = new HashSet<AlgorithmIdentifier>();
        for(Enumeration<?> e = set.getObjects(); e.hasMoreElements();) {
            result.add(AlgorithmIdentifier.getInstance(e.nextElement()));
        }
        return result;
    }
View Full Code Here
352
353
354
355
356
357
358
359
360
361
362
363
        }
        return result;
    }

    private static Collection<SignerInfoWithPkey> signerInfosFromASN1Set(DEREncodable content) {
        ASN1Set set = (ASN1Set)content;
        Collection<SignerInfoWithPkey> result = new ArrayList<SignerInfoWithPkey>();
        for(Enumeration<?> e = set.getObjects(); e.hasMoreElements();) {
            result.add(SignerInfoWithPkey.getInstance(e.nextElement()));
        }
        return result;
    }
View Full Code Here
136
137
138
139
140
141
142
143
144
145
146
147
            }
            Object t = getRuntime().newFixnum(ASN1.idForClass(internal.getObjectAt(1).getClass()));
            ((X509Name)subject).addEntry(oid,v,t);
        }
        // Attributes ::= SET OF Attribute
        ASN1Set in_attrs = req.getCertificationRequestInfo().getAttributes();
        for(Enumeration enm = in_attrs.getObjects();enm.hasMoreElements();) {
            // Attribute ::= SEQUENCE { type, values SET SIZE(1..MAX) }
            DERSequence val = (DERSequence)enm.nextElement();
            DERObjectIdentifier v0 = (DERObjectIdentifier)val.getObjectAt(0);
            DERObject v1 = (DERObject)val.getObjectAt(1);
            IRubyObject a1 = getRuntime().newString(ASN1.getSymLookup(getRuntime()).get(v0));
View Full Code Here
127
128
129
130
131
132
133
134
135
136
137
     *
     */
    public static Envelope fromASN1(DEREncodable content) {
        ASN1Sequence sequence = (ASN1Sequence)content;
        DERInteger version = (DERInteger)sequence.getObjectAt(0);
        ASN1Set recipients = (ASN1Set)sequence.getObjectAt(1);
        DEREncodable encContent = sequence.getObjectAt(2);       

        Envelope envelope = new Envelope();
        envelope.setVersion(version.getValue().intValue());
        envelope.setRecipientInfo(recipientInfosFromASN1Set(recipients));
View Full Code Here
155
156
157
158
159
160
161
162
163
164
165
166
        }
        return new DERSet(vector);
    }

    private static Collection<RecipInfo> recipientInfosFromASN1Set(DEREncodable content) {
        ASN1Set set = (ASN1Set)content;
        Collection<RecipInfo> result = new ArrayList<RecipInfo>();
        for(Enumeration<?> e = set.getObjects(); e.hasMoreElements();) {
            result.add(RecipInfo.fromASN1((DEREncodable)e.nextElement()));
        }
        return result;
    }
View Full Code Here
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
            // the signerInfos
            int next = 3;
            while (content.getObjectAt(next) instanceof DERTaggedObject)
                ++next;
            ASN1Set signerInfos = (ASN1Set)content.getObjectAt(next);
            if (signerInfos.size() != 1)
                throw new IllegalArgumentException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time");
            ASN1Sequence signerInfo = (ASN1Sequence)signerInfos.getObjectAt(0);
            // the positions that we care are
            //     0 - version
            //     1 - the signing certificate serial number
            //     2 - the digest algorithm
            //     3 or 4 - digestEncryptionAlgorithm
            //     4 or 5 - encryptedDigest
            signerversion = ((DERInteger)signerInfo.getObjectAt(0)).getValue().intValue();
            // Get the signing certificate
            ASN1Sequence issuerAndSerialNumber = (ASN1Sequence)signerInfo.getObjectAt(1);
            BigInteger serialNumber = ((DERInteger)issuerAndSerialNumber.getObjectAt(1)).getValue();
            for (Iterator i = certs.iterator(); i.hasNext();) {
                X509Certificate cert = (X509Certificate)i.next();
                if (serialNumber.equals(cert.getSerialNumber())) {
                    signCert = cert;
                    break;
                }
            }
            if (signCert == null) {
                throw new IllegalArgumentException("Can't find signing certificate with serial " + serialNumber.toString(16));
            }
            signCertificateChain();
            digestAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)signerInfo.getObjectAt(2)).getObjectAt(0)).getId();
            next = 3;
            if (signerInfo.getObjectAt(next) instanceof ASN1TaggedObject) {
                ASN1TaggedObject tagsig = (ASN1TaggedObject)signerInfo.getObjectAt(next);
                ASN1Set sseq = ASN1Set.getInstance(tagsig, false);
                sigAttr = sseq.getEncoded(ASN1Encodable.DER);

                for (int k = 0; k < sseq.size(); ++k) {
                    ASN1Sequence seq2 = (ASN1Sequence)sseq.getObjectAt(k);
                    if (((DERObjectIdentifier)seq2.getObjectAt(0)).getId().equals(ID_MESSAGE_DIGEST)) {
                        ASN1Set set = (ASN1Set)seq2.getObjectAt(1);
                        digestAttr = ((DEROctetString)set.getObjectAt(0)).getOctets();
                    }
                    else if (((DERObjectIdentifier)seq2.getObjectAt(0)).getId().equals(ID_ADBE_REVOCATION)) {
                        ASN1Set setout = (ASN1Set)seq2.getObjectAt(1);
                        ASN1Sequence seqout = (ASN1Sequence)setout.getObjectAt(0);
                        for (int j = 0; j < seqout.size(); ++j) {
                            ASN1TaggedObject tg = (ASN1TaggedObject)seqout.getObjectAt(j);
                            if (tg.getTagNo() != 1)
                                continue;
                            ASN1Sequence seqin = (ASN1Sequence)tg.getObject();
                            findOcsp(seqin);
                        }
                    }
                }
                if (digestAttr == null)
                    throw new IllegalArgumentException("Authenticated attribute is missing the digest.");
                ++next;
            }
            digestEncryptionAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)signerInfo.getObjectAt(next++)).getObjectAt(0)).getId();
            digest = ((DEROctetString)signerInfo.getObjectAt(next++)).getOctets();
            if (next < signerInfo.size() && (signerInfo.getObjectAt(next) instanceof DERTaggedObject)) {
                DERTaggedObject taggedObject = (DERTaggedObject) signerInfo.getObjectAt(next);
                ASN1Set unat = ASN1Set.getInstance(taggedObject, false);
                AttributeTable attble = new AttributeTable(unat);
                Attribute ts = attble.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
                if (ts != null) {
                    ASN1Set attributeValues = ts.getAttrValues();
                    ASN1Sequence tokenSequence = ASN1Sequence.getInstance(attributeValues.getObjectAt(0));
                    ContentInfo contentInfo = new ContentInfo(tokenSequence);
                    this.timeStampToken = new TimeStampToken(contentInfo);
                }
            }
            if (RSAdata != null || digestAttr != null) {
View Full Code Here
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
         */
        public X509Name(ASN1Sequence seq) {
            Enumeration e = seq.getObjects();
           
            while (e.hasMoreElements()) {
                ASN1Set set = (ASN1Set)e.nextElement();
               
                for (int i = 0; i < set.size(); i++) {
                    ASN1Sequence s = (ASN1Sequence)set.getObjectAt(i);
                    String id = (String)DefaultSymbols.get(s.getObjectAt(0));
                    if (id == null)
                        continue;
                    ArrayList vs = (ArrayList)values.get(id);
                    if (vs == null) {
View Full Code Here
TOP

Related Classes of org.apache.commons.ssl.asn1.ASN1Set

  • codec.pkcs7.Certificates
  • codec.pkcs8.PrivateKeyInfo
  • codec.x501.Attribute
  • codec.x501.Name
  • com.itextpdf.text.pdf.PdfPKCS7
  • com.itextpdf.text.pdf.PdfPKCS7$X509Name
  • com.itextpdf.text.pdf.PdfPublicKeySecurityHandler
  • com.itextpdf.text.pdf.security.CertificateInfo$X500Name
  • com.itextpdf.text.pdf.security.PdfPKCS7
  • com.lowagie.text.pdf.PdfPKCS7
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.