Examples of org.apache.commons.ssl.asn1.DEREncodableVector

• org.bouncycastle.asn1.DEREncodableVector
  a general class for building up a vector of DER encodable objects - this will eventually be superceded by ASN1EncodableVector so you should use that class in preference.

        signatureObj.update(tobesigned);
        byte[] signature = signatureObj.sign();

        // Compose tbsCert, algId and signature into a DER sequence.
        // This will be the certificate in DER encoded form
        DEREncodableVector certDerVec = new DEREncodableVector();
        certDerVec.add(tbsCert);
        certDerVec.add(algId);
        certDerVec.add(new DERBitString(signature));
        DERSequence certDerSeq = new DERSequence(certDerVec);
        byte[] certData = certDerSeq.getEncoded();

        // Create a java.security.cert.Certificate object
        Certificate certificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certData));

        signatureObj.update(tobesigned);
        byte[] signature = signatureObj.sign();

        // Compose tbsCert, algId and signature into a DER sequence.
        // This will be the certificate in DER encoded form
        DEREncodableVector certDerVec = new DEREncodableVector();
        certDerVec.add(tbsCert);
        certDerVec.add(algId);
        certDerVec.add(new DERBitString(signature));
        DERSequence certDerSeq = new DERSequence(certDerVec);
        byte[] certData = certDerSeq.getEncoded();

        // Create a java.security.cert.Certificate object
        Certificate certificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certData));

        signatureObj.update(tobesigned);
        byte[] signature = signatureObj.sign();

        // Compose tbsCert, algId and signature into a DER sequence.
        // This will be the certificate in DER encoded form
        DEREncodableVector certDerVec = new DEREncodableVector();
        certDerVec.add(tbsCert);
        certDerVec.add(algId);
        certDerVec.add(new DERBitString(signature));
        DERSequence certDerSeq = new DERSequence(certDerVec);
        byte[] certData = certDerSeq.getEncoded();

        // Create a java.security.cert.Certificate object
        Certificate certificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certData));

        signatureObj.update(tobesigned);
        byte[] signature = signatureObj.sign();

        // Compose tbsCert, algId and signature into a DER sequence.
        // This will be the certificate in DER encoded form
        DEREncodableVector certDerVec = new DEREncodableVector();
        certDerVec.add(tbsCert);
        certDerVec.add(algId);
        certDerVec.add(new DERBitString(signature));
        DERSequence certDerSeq = new DERSequence(certDerVec);
        byte[] certData = certDerSeq.getEncoded();

        // Create a java.security.cert.Certificate object
        Certificate certificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certData));

     *
     * </pre>
     */
    public DERObject toASN1Object()
    {
        DEREncodableVector seq = new DEREncodableVector();
        seq.add(version);

        seq.add(tsaPolicyId);
        seq.add(messageImprint);
        seq.add(serialNumber);
        seq.add(genTime);

        if (accuracy != null)
        {
            seq.add(accuracy);
        }

        if (ordering != null && ordering.isTrue())
        {
            seq.add(ordering);
        }

        if (nonce != null)
        {
            seq.add(nonce);
        }

        if (tsa != null)
        {
            seq.add(new DERTaggedObject(true, 0, tsa));
        }

        if (extensions != null)
        {
            seq.add(new DERTaggedObject(false, 1, extensions));
        }

        return new DERSequence(seq);
    }

//        X509Extensions.KeyUsage,
//        false,
//        new KeyUsage(KeyUsage.dataEncipherment | KeyUsage.digitalSignature ) );


    DEREncodableVector typicalSSLServerExtendedKeyUsages = new DEREncodableVector();

    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.serverAuth));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.clientAuth));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.netscapeServerGatedCrypto));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.msServerGatedCrypto));

    v3CertGen.addExtension(
        X509Extensions.ExtendedKeyUsage,
        false,
        new DERSequence(typicalSSLServerExtendedKeyUsages));

    v3CertGen.addExtension(
        X509Extensions.KeyUsage,
        false,
        new KeyUsage(KeyUsage.cRLSign | KeyUsage.keyCertSign) );

    DEREncodableVector typicalCAExtendedKeyUsages = new DEREncodableVector();

    typicalCAExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.serverAuth));
    typicalCAExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.OCSPSigning));
    typicalCAExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.verisignUnknown));

    v3CertGen.addExtension(
        X509Extensions.ExtendedKeyUsage,
        false,
        new DERSequence(typicalCAExtendedKeyUsages));

//        X509Extensions.KeyUsage,
//        false,
//        new KeyUsage(KeyUsage.dataEncipherment | KeyUsage.digitalSignature ) );


    DEREncodableVector typicalSSLServerExtendedKeyUsages = new DEREncodableVector();

    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.serverAuth));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.clientAuth));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.netscapeServerGatedCrypto));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.msServerGatedCrypto));

    v3CertGen.addExtension(
        X509Extensions.ExtendedKeyUsage,
        false,
        new DERSequence(typicalSSLServerExtendedKeyUsages));

    v3CertGen.addExtension(
        X509Extensions.KeyUsage,
        false,
        new KeyUsage(KeyUsage.cRLSign | KeyUsage.keyCertSign) );

    DEREncodableVector typicalCAExtendedKeyUsages = new DEREncodableVector();

    typicalCAExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.serverAuth));
    typicalCAExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.OCSPSigning));
    typicalCAExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.verisignUnknown));

    v3CertGen.addExtension(
        X509Extensions.ExtendedKeyUsage,
        false,
        new DERSequence(typicalCAExtendedKeyUsages));

//        X509Extensions.KeyUsage,
//        false,
//        new KeyUsage(KeyUsage.dataEncipherment | KeyUsage.digitalSignature ) );


    DEREncodableVector typicalSSLServerExtendedKeyUsages = new DEREncodableVector();

    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.serverAuth));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.clientAuth));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.netscapeServerGatedCrypto));
    typicalSSLServerExtendedKeyUsages.add(new DERObjectIdentifier(ExtendedKeyUsageConstants.msServerGatedCrypto));

    v3CertGen.addExtension(
        X509Extensions.ExtendedKeyUsage,
        false,
        new DERSequence(typicalSSLServerExtendedKeyUsages));