Package org.apache.commons.ssl.asn1

Examples of org.apache.commons.ssl.asn1.DEREncodable

60
61
62
63
64
65
66
67
68
69
70
    }
   
    static String getSignatureName(
        AlgorithmIdentifier sigAlgId)
    {
        DEREncodable params = sigAlgId.getParameters();
       
        if (params != null && !derNull.equals(params))
        {
            if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
            {
View Full Code Here
217
218
219
220
221
222
223
224
225
226
227
        {
            throw new ExtCertPathValidatorException(
                    "Algorithm identifier of public key of trust anchor could not be read.", e, certPath, -1);
        }
        DERObjectIdentifier workingPublicKeyAlgorithm = workingAlgId.getObjectId();
        DEREncodable workingPublicKeyParameters = workingAlgId.getParameters();

        //
        // (k)
        //
        int maxPathLength = n;
View Full Code Here
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
                       throw new IllegalArgumentException("badly sized pair");
                   }

                   ordering.addElement(DERObjectIdentifier.getInstance(s.getObjectAt(0)));
                  
                   DEREncodable value = s.getObjectAt(1);
                   if (value instanceof DERString && !(value instanceof DERUniversalString))
                   {
                       String v = ((DERString)value).getString();
                       if (v.length() > 0 && v.charAt(0) == '#')
                       {
                           values.addElement("\\" + v);
                       }
                       else
                       {
                           values.addElement(v);
                       }
                   }
                   else
                   {
                       values.addElement("#" + bytesToString(Hex.encode(value.getDERObject().getDEREncoded())));
                   }
                   added.addElement((i != 0) ? TRUE : FALSE)// to allow earlier JDK compatibility
            }
        }
    }
View Full Code Here
24
25
26
27
28
29
30
31
32
33
34
        if (seq.size() >= 3)
        {
            if (seq.size() == 3)
            {
                DEREncodable o = seq.getObjectAt(2);
                if (o instanceof ASN1OctetString)
                {
                    rspInfo = ASN1OctetString.getInstance(o);
                }
                else
View Full Code Here
214
215
216
217
218
219
220
221
222
223
    props.put("id1.property.value", "This is a utf8 ��� ��string");
   
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
   
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERUTF8String);
    assertTrue(((DERUTF8String)value).getString(),((DERUTF8String)value).getString().equals("This is a utf8 ��� ��string"));
       
  }
View Full Code Here
245
246
247
248
249
250
251
252
253
    props.put("id1.property.value", "1.1.1.255.1");
   
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
   
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERObjectIdentifier);
    assertTrue(((DERObjectIdentifier)value).getId(),((DERObjectIdentifier)value).getId().equals("1.1.1.255.1"));       
  }
View Full Code Here
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
    props.put("id1.property.value3", "foo3");
   
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
   
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERSequence);
    DERSequence seq = (DERSequence)value;
    assertEquals(3, seq.size());
    Enumeration e = seq.getObjects();
    int i = 1;
    while(e.hasMoreElements()) {
      DEREncodable v = (DEREncodable)e.nextElement();
      assertTrue(v.getClass().toString(),v instanceof DERUTF8String);
      String str = ((DERUTF8String)v).getString();
      log.info(str);
      assertEquals(str,"foo"+i++);       
    }
  }
View Full Code Here
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
        GeneralNames gan = GeneralNames.getInstance(obj);
        GeneralName[] gns = gan.getNames();
        for (int i = 0; i < gns.length; i++) {
          GeneralName gn = gns[i];
          int tag = gn.getTagNo();
          DEREncodable name = gn.getName();
          String str = CertTools.getGeneralNameString(tag, name);
          if (altName == null) {
            altName = str;
          } else {
            altName += ", "+str;
View Full Code Here
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
        // Verify signature protection
        AlgorithmIdentifier algId = msg.getMessage().getProtectedPart().getHeader().getProtectionAlg();
        String oid = algId.getObjectId().getId();
        assertEquals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), oid);
        // Check that this is an old message, created before ECA-2104, using null instead of DERNull as algorithm parameters.
        DEREncodable pp = algId.getParameters();
        assertNull(pp);
        // Try to verify, it should work good even though the small bug in ECA-2104, since we don't use algorithm parameters for RSA-PKCS signatures
        PublicKey pubKey = msg.getRequestPublicKey();
        assertTrue(CmpMessageHelper.verifyCertBasedPKIProtection(msg.getMessage(), pubKey));
        // Verify that our verification routine does not give positive result for any other keys
        KeyPair keys = KeyTools.genKeys("512", "RSA");
        assertFalse(CmpMessageHelper.verifyCertBasedPKIProtection(msg.getMessage(), keys.getPublic()));
      }
      // Re-protect the message, now fixed by ECA-2104
      {
        ASN1InputStream in = new ASN1InputStream(novosecsigpopir);
        DERObject derObject = in.readObject();
        PKIMessage myPKIMessage = PKIMessage.getInstance(derObject);
        KeyPair keys = KeyTools.genKeys("512", "RSA");
        X509Certificate signCert = CertTools.genSelfCert("CN=CMP Sign Test", 3650, null, keys.getPrivate(), keys.getPublic(), "SHA1WithRSA", false);
        // Re-sign the message
        byte[] newmsg = CmpMessageHelper.signPKIMessage(myPKIMessage, signCert, keys.getPrivate(), CMSSignedGenerator.DIGEST_SHA1, "BC");
        in = new ASN1InputStream(newmsg);
        derObject = in.readObject();
        PKIMessage pkimsg = PKIMessage.getInstance(derObject);
        // We have to do this twice, because Novosec caches ProtectedBytes in the PKIMessage object, so we need to
        // encode it and re-decode it again to get the changes from ECA-2104 encoded correctly.
        // Not needed when simply signing a new message that you create, only when re-signing
        newmsg = CmpMessageHelper.signPKIMessage(pkimsg, signCert, keys.getPrivate(), CMSSignedGenerator.DIGEST_SHA1, "BC");
        in = new ASN1InputStream(newmsg);
        derObject = in.readObject();
        pkimsg = PKIMessage.getInstance(derObject);
        AlgorithmIdentifier algId = pkimsg.getProtectedPart().getHeader().getProtectionAlg();
        String oid = algId.getObjectId().getId();
        assertEquals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), oid);
        // Check that we have DERNull and not plain java null as algorithm parameters.
        DEREncodable pp = algId.getParameters();
        assertNotNull(pp);
        assertEquals(DERNull.class.getName(), pp.getClass().getName());
        // Try to verify, also verify at the same time that encoding decoding of the signature works
        assertTrue(CmpMessageHelper.verifyCertBasedPKIProtection(pkimsg, keys.getPublic()));
        // Verify that our verification routine does not give positive result for any other keys
        CrmfRequestMessage msg = new CrmfRequestMessage(pkimsg, "CN=AdminCA1", false, "CN");
        assertTrue(msg.verify());
View Full Code Here
291
292
293
294
295
296
297
298
299
300
301
      // Check signature protection
      AlgorithmIdentifier algId = msg.getMessage().getProtectedPart().getHeader().getProtectionAlg();
      String oid = algId.getObjectId().getId();
      assertEquals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), oid);
      // Check that we have DERNull and not plain java null as algorithm parameters.
      DEREncodable pp = algId.getParameters();
      assertNotNull(pp);
      assertEquals(DERNull.class.getName(), pp.getClass().getName());
      // Try to verify the protection signature
      assertTrue(CmpMessageHelper.verifyCertBasedPKIProtection(msg.getMessage(), msg.getRequestPublicKey()));
    }
View Full Code Here
TOP

Related Classes of org.apache.commons.ssl.asn1.DEREncodable

  • br.net.woodstock.rockframework.security.sign.impl.BouncyCastlePKCS7Signer
  • org.apache.commons.ssl.ASN1Util
  • org.apache.commons.ssl.KeyStoreBuilder
  • org.apache.commons.ssl.PKCS8Key
  • org.apache.geronimo.crypto.jce.provider.JCERSAPrivateKey
  • org.apache.geronimo.util.jce.provider.JCERSAPrivateKey
  • org.bouncycastle.asn1.cmp.CertResponse
  • org.bouncycastle.asn1.cms.AuthenticatedDataParser
  • org.bouncycastle.asn1.cms.AuthEnvelopedDataParser
  • org.bouncycastle.asn1.cms.EnvelopedDataParser
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.