Package org.apache.geronimo.util.asn1

Examples of org.apache.geronimo.util.asn1.DERSet


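    /**
     * Builds the SET of authenticated (signed) attributes for the signer info.
     *
     * <p>The set always carries content-type, signing-time and message-digest. A revocation
     * attribute ({@code SecurityIDs.ID_ADBE_REVOCATION}) is added when an OCSP response or at
     * least one non-null CRL is supplied, and a signing-certificate-v2 attribute is added for
     * CAdES signatures.
     *
     * <p>This method only encodes what it is given: the CRL and OCSP bytes are embedded without
     * any signature, issuer or freshness validation, so that validation has to happen before the
     * data is passed in.
     *
     * @param secondDigest digest placed in the message-digest attribute
     * @param signingTime  time placed in the signing-time attribute; must not be {@code null}
     * @param ocsp         OCSP response bytes to embed, or {@code null} for none
     * @param crlBytes     encoded CRLs to embed; may be {@code null} and may hold {@code null} entries
     * @param sigtype      signature flavour; {@code CryptoStandard.CADES} adds signing-certificate-v2
     * @return the attribute set
     * @throws ExceptionConverter wrapping any exception raised while building the attributes
     */
    private DERSet getAuthenticatedAttributeSet(byte secondDigest[], Calendar signingTime, byte[] ocsp, Collection<byte[]> crlBytes, CryptoStandard sigtype) {
        try {
            ASN1EncodableVector attribute = new ASN1EncodableVector();

            // content-type attribute, fixed to the PKCS#7 data type.
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new ASN1ObjectIdentifier(SecurityIDs.ID_CONTENT_TYPE));
            v.add(new DERSet(new ASN1ObjectIdentifier(SecurityIDs.ID_PKCS7_DATA)));
            attribute.add(new DERSequence(v));

            // signing-time attribute, encoded as UTCTime. The value is whatever the caller
            // supplies, so it is a claim made by the signer, not a trusted timestamp.
            // NOTE(review): RFC 5652 asks for GeneralizedTime outside 1950-2049 - confirm callers
            // never pass such dates.
            v = new ASN1EncodableVector();
            v.add(new ASN1ObjectIdentifier(SecurityIDs.ID_SIGNING_TIME));
            v.add(new DERSet(new DERUTCTime(signingTime.getTime())));
            attribute.add(new DERSequence(v));

            // message-digest attribute: ties the signed attributes to the content digest.
            v = new ASN1EncodableVector();
            v.add(new ASN1ObjectIdentifier(SecurityIDs.ID_MESSAGE_DIGEST));
            v.add(new DERSet(new DEROctetString(secondDigest)));
            attribute.add(new DERSequence(v));

            // A collection holding only null entries counts as "no CRL".
            boolean haveCrl = false;
            if (crlBytes != null) {
                for (byte[] bCrl : crlBytes) {
                    if (bCrl != null) {
                        haveCrl = true;
                        break;
                    }
                }
            }

            if (ocsp != null || haveCrl) {
                v = new ASN1EncodableVector();
                v.add(new ASN1ObjectIdentifier(SecurityIDs.ID_ADBE_REVOCATION));

                ASN1EncodableVector revocationV = new ASN1EncodableVector();

                if (haveCrl) {
                    // [0] EXPLICIT SEQUENCE of the supplied CRLs.
                    ASN1EncodableVector v2 = new ASN1EncodableVector();
                    for (byte[] bCrl : crlBytes) {
                        if (bCrl == null) {
                            continue;
                        }
                        // Only the first ASN.1 object of each buffer is read; the parse checks
                        // structure only and does not verify the CRL.
                        ASN1InputStream t = new ASN1InputStream(new ByteArrayInputStream(bCrl));
                        try {
                            v2.add(t.readObject());
                        } finally {
                            // Previously the stream was never closed.
                            t.close();
                        }
                    }
                    revocationV.add(new DERTaggedObject(true, 0, new DERSequence(v2)));
                }

                if (ocsp != null) {
                    // [1] EXPLICIT SEQUENCE holding one response: the ocsp bytes are wrapped, unparsed,
                    // in an OCTET STRING typed id_pkix_ocsp_basic, behind an ENUMERATED hard-coded to 0
                    // (presumably the OCSP "successful" status - confirm).
                    DEROctetString doctet = new DEROctetString(ocsp);
                    ASN1EncodableVector vo1 = new ASN1EncodableVector();
                    ASN1EncodableVector v2 = new ASN1EncodableVector();
                    v2.add(OCSPObjectIdentifiers.id_pkix_ocsp_basic);
                    v2.add(doctet);
                    ASN1Enumerated den = new ASN1Enumerated(0);
                    ASN1EncodableVector v3 = new ASN1EncodableVector();
                    v3.add(den);
                    v3.add(new DERTaggedObject(true, 0, new DERSequence(v2)));
                    vo1.add(new DERSequence(v3));
                    revocationV.add(new DERTaggedObject(true, 1, new DERSequence(vo1)));
                }

                v.add(new DERSet(new DERSequence(revocationV)));
                attribute.add(new DERSequence(v));
            }

            if (sigtype == CryptoStandard.CADES) {
                // signing-certificate-v2: a hash of the signing certificate goes under the signature,
                // so the signature is bound to that exact certificate.
                v = new ASN1EncodableVector();
                v.add(new ASN1ObjectIdentifier(SecurityIDs.ID_AA_SIGNING_CERTIFICATE_V2));

                ASN1EncodableVector aaV2 = new ASN1EncodableVector();
                // NOTE(review): the algorithm identifier is always written, with null parameters.
                // ESSCertIDv2 declares SHA-256 as the default hash algorithm and DER omits default
                // values - confirm the encoding is accepted by validators when SHA-256 is in use.
                AlgorithmIdentifier algoId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(digestAlgorithmOid), null);
                aaV2.add(algoId);
                MessageDigest md = interfaceDigest.getMessageDigest(getHashAlgorithm());
                byte[] dig = md.digest(signCert.getEncoded());
                aaV2.add(new DEROctetString(dig));

                v.add(new DERSet(new DERSequence(new DERSequence(new DERSequence(aaV2)))));
                attribute.add(new DERSequence(v));
            }

            return new DERSet(attribute);
        }
        catch (Exception e) {
            // Every failure (encoding, digest lookup, malformed CRL bytes) surfaces as ExceptionConverter.
            throw new ExceptionConverter(e);
        }
    }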


        // Encrypt the content with the symmetric key. The string s is used as the JCE
        // transformation name here and as the algorithm OID in the AlgorithmIdentifier below.
        Cipher cipher = Cipher.getInstance(s);
        // Mode 1 is Cipher.ENCRYPT_MODE.
        cipher.init(1, secretkey, algorithmparameters);
        byte[] abyte1 = cipher.doFinal(in);
        DEROctetString deroctetstring = new DEROctetString(abyte1);
        // The raw key bytes and the recipient certificate are handed to computeRecipientInfo;
        // presumably the key is encrypted to the certificate's public key there - confirm.
        KeyTransRecipientInfo keytransrecipientinfo = computeRecipientInfo(cert, secretkey.getEncoded());
        DERSet derset = new DERSet(new RecipientInfo(keytransrecipientinfo));
        AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new DERObjectIdentifier(s), derobject);
        // NOTE(review): the cipher and mode behind s are not visible here. CMS EnvelopedData gives
        // confidentiality only, so confirm the algorithm choice and whether the content is
        // authenticated (e.g. signed) separately.
        EncryptedContentInfo encryptedcontentinfo =
            new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmidentifier, deroctetstring);
        EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, null);
        ContentInfo contentinfo =

        // Encrypt the content with the symmetric key. The string s is used as the JCE
        // transformation name here and as the algorithm OID in the AlgorithmIdentifier below.
        Cipher cipher = Cipher.getInstance(s);
        // Mode 1 is Cipher.ENCRYPT_MODE.
        cipher.init(1, secretkey, algorithmparameters);
        byte[] abyte1 = cipher.doFinal(in);
        DEROctetString deroctetstring = new DEROctetString(abyte1);
        // The raw key bytes and the recipient certificate are handed to computeRecipientInfo;
        // presumably the key is encrypted to the certificate's public key there - confirm.
        KeyTransRecipientInfo keytransrecipientinfo = computeRecipientInfo(cert, secretkey.getEncoded());
        DERSet derset = new DERSet(new RecipientInfo(keytransrecipientinfo));
        AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new DERObjectIdentifier(s), derobject);
        // NOTE(review): the cipher and mode behind s are not visible here. CMS EnvelopedData gives
        // confidentiality only, so confirm the algorithm choice and whether the content is
        // authenticated (e.g. signed) separately.
        EncryptedContentInfo encryptedcontentinfo =
            new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmidentifier, deroctetstring);
        EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, null);
        ContentInfo contentinfo =

        System.out.println("Keys generated.");

        // Generate PKCS10 certificate request
        // The request carries the public key and is signed with the matching private key; the
        // empty DERSet means no attributes are requested.
        // NOTE(review): "SHA1WithRSA" signs the request with a SHA-1 digest. SHA-1 is deprecated
        // for signatures and some CAs reject such requests - prefer a SHA-256 based algorithm
        // name where the receiving CA supports it.
        PKCS10CertificationRequest req = new PKCS10CertificationRequest("SHA1WithRSA",
                CertTools.stringToBcX509Name("C=SE,O=AnaTom,CN=HttpTest"), rsaKeys.getPublic(),
                new DERSet(), rsaKeys.getPrivate());
        // Serialize the request to DER in memory.
        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        DEROutputStream dOut = new DEROutputStream(bOut);
        dOut.writeObject(req);
        dOut.close();

            log.info("Using named curve parameter encoding for ECC key.");
        }
        // Build a PKCS#10 request for the key pair: the subject is sDN when given, otherwise
        // "CN=" + alias; no attributes are requested (empty DERSet). Signing is delegated to the
        // key store's provider, named by this.keyStore.getProvider().getName().
        final PKCS10CertificationRequest certReq =
            new PKCS10CertificationRequest( sigAlg,
                                            sDN!=null ? new X509Name(sDN) : new X509Name("CN="+alias),
                                            publicKey, new DERSet(),
                                            privateKey,
                                            this.keyStore.getProvider().getName() );
        // Self-check: the request's signature must verify before the request is used. This
        // catches a mismatched key pair or a failed signing operation.
        if ( !certReq.verify() ) {
            String msg = intres.getLocalizedMessage("catoken.errorcertreqverify", alias);
            throw new Exception(msg);

      // Turn the parts found in the dirAttr DN string into subject directory attributes and append
      // them to ret. A part that is missing or empty is skipped.
      // NOTE(review): apart from the dateOfBirth length test, no length or character-set check on
      // the values is visible here. RFC 3739 limits the country attributes to two-letter ISO 3166
      // codes and gender to one of "M", "F", "m", "f" - confirm the values are validated before
      // they reach this code.
      Attribute attr = null;
        String value = CertTools.getPartFromDN(dirAttr, "countryOfResidence");
        if (!StringUtils.isEmpty(value)) {
          ASN1EncodableVector vec = new ASN1EncodableVector();
          vec.add(new DERPrintableString(value));
          attr = new Attribute(new DERObjectIdentifier(id_pda_countryOfResidence),new DERSet(vec));
          ret.add(attr);
        }
        value = CertTools.getPartFromDN(dirAttr, "countryOfCitizenship");
        if (!StringUtils.isEmpty(value)) {
          ASN1EncodableVector vec = new ASN1EncodableVector();
          vec.add(new DERPrintableString(value));
          attr = new Attribute(new DERObjectIdentifier(id_pda_countryOfCitizenship),new DERSet(vec));
          ret.add(attr);
        }
        value = CertTools.getPartFromDN(dirAttr, "gender");
        if (!StringUtils.isEmpty(value)) {
          ASN1EncodableVector vec = new ASN1EncodableVector();
          vec.add(new DERPrintableString(value));
          attr = new Attribute(new DERObjectIdentifier(id_pda_gender),new DERSet(vec));
          ret.add(attr);
        }
        // placeOfBirth is encoded through X509DefaultEntryConverter rather than a fixed string type.
        value = CertTools.getPartFromDN(dirAttr, "placeOfBirth");
        if (!StringUtils.isEmpty(value)) {
          ASN1EncodableVector vec = new ASN1EncodableVector();
          X509DefaultEntryConverter conv = new X509DefaultEntryConverter();
          DERObject obj = conv.getConvertedValue(new DERObjectIdentifier(id_pda_placeOfBirth), value);
          vec.add(obj);
          attr = new Attribute(new DERObjectIdentifier(id_pda_placeOfBirth),new DERSet(vec));
          ret.add(attr);
        }       
        // dateOfBirth that is a GeneralizedTime
        // The correct format for this is YYYYMMDD, it will be padded to YYYYMMDD120000Z
        // Only the length is checked here; whether non-digit input is rejected depends on
        // DERGeneralizedTime - TODO confirm.
        value = CertTools.getPartFromDN(dirAttr, "dateOfBirth");
        if (!StringUtils.isEmpty(value)) {
            if (value.length() == 8) {
                value += "120000Z"; // standard format according to rfc3739
              ASN1EncodableVector vec = new ASN1EncodableVector();
                vec.add(new DERGeneralizedTime(value));
                attr = new Attribute(new DERObjectIdentifier(id_pda_dateOfBirth),new DERSet(vec));
                ret.add(attr);               
            } else {
                // A wrong-length value is logged and dropped; the other attributes are still issued.
                log.error("Wrong length of data for 'dateOfBirth', should be of format YYYYMMDD, skipping...");
            }
        }

     */
    private X509Certificate[] storeKey(EjbcaWS ejbcaWS, UserDataVOWS userData, KeyPair keyPair) {
        X509Certificate tmpCert = null;
        final Iterator<X509Certificate> i;
        try {
            final PKCS10CertificationRequest pkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", CertTools.stringToBcX509Name("CN=NOUSED"), keyPair.getPublic(), new DERSet(),
                                                                                     keyPair.getPrivate(), this.privateKeyContainerKeyStore.providerName );
            final CertificateResponse certificateResponse = ejbcaWS.pkcs10Request(userData.getUsername(), userData.getPassword(),
                                                                                  new String(Base64.encode(pkcs10.getEncoded())),null,CertificateHelper.RESPONSETYPE_CERTIFICATE);
            i = (Iterator<X509Certificate>)CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(Base64.decode(certificateResponse.getData()))).iterator();
        } catch (Exception e) {

        // }
        // Build the PKCS#9 challengePassword attribute: SEQUENCE { OID, SET { UTF8String password } }.
        // The password is stored in clear text inside the request. The request signature protects
        // it against modification but not against disclosure, so the encoded request should only
        // travel over a protected channel.
        ASN1EncodableVector vec = new ASN1EncodableVector();
        vec.add(PKCSObjectIdentifiers.pkcs_9_at_challengePassword);
        ASN1EncodableVector values = new ASN1EncodableVector();
        values.add(new DERUTF8String(password));
        vec.add(new DERSet(values));
        // Wrap the single attribute in the attribute SET passed to the request.
        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(new DERSequence(vec));
        DERSet set = new DERSet(v);
        // Create PKCS#10 certificate request
        // NOTE(review): "SHA1WithRSA" signs the request with a SHA-1 digest, which is deprecated
        // for signatures - prefer a SHA-256 based algorithm name where the receiving CA supports it.
        PKCS10CertificationRequest p10request = new PKCS10CertificationRequest("SHA1WithRSA",
                CertTools.stringToBcX509Name(dn), keys.getPublic(), set, keys.getPrivate());
        return p10request.getEncoded();       
    }

    protected void makeCertRequest(String dn, KeyPair rsaKeys, String reqfile) throws NoSuchAlgorithmException, IOException, NoSuchProviderException,
            InvalidKeyException, SignatureException {
        getLogger().trace(">makeCertRequest: dn='" + dn + "', reqfile='" + reqfile + "'.");

        PKCS10CertificationRequest req = new PKCS10CertificationRequest("SHA1WithRSA", CertTools.stringToBcX509Name(dn), rsaKeys.getPublic(), new DERSet(),
                rsaKeys.getPrivate());

        /*
         * We don't use these unnecessary attributes DERConstructedSequence kName
         * = new DERConstructedSequence(); DERConstructedSet kSeq = new

   }

   public void test01Pkcs10RequestMessage() throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException {
     X509Name dn = new X509Name("CN=Test,OU=foo");
     PKCS10CertificationRequest basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     PKCS10RequestMessage msg = new PKCS10RequestMessage(basicpkcs10);
     String username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("C=SE, O=Foo, CN=Test Testsson");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     // oid for unstructuredName, will be handles specially by EJBCA
     dn = new X509Name("CN=Test + 1.2.840.113549.1.9.2=AttrValue1");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("CN=Test + 1.2.840.113549.1.9.2=AttrValue1 AttrValue2");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("CN=Test+1.2.840.113549.1.9.2=AttrValue1");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("CN=Test+1.2.840.113549.1.9.2=AttrValue1 AttrValue2");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     // Completely unknown oid
     dn = new X509Name("CN=Test + 1.2.840.113549.1.9.3=AttrValue1");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("CN=Test + 1.2.840.113549.1.9.3=AttrValue1 AttrValue2");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("CN=Test+1.2.840.113549.1.9.3=AttrValue1");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("CN=Test+1.2.840.113549.1.9.3=AttrValue1 AttrValue2");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("1.2.840.113549.1.9.3=AttrValue1 AttrValue2+CN=Test");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("1.2.840.113549.1.9.3=AttrValue1 AttrValue2+CN=Test+O=abc");
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);

     dn = new X509Name("1.2.840.113549.1.9.3=AttrValue1\\+\\= AttrValue2+CN=Test+O=abc")// very strange, but should still be valid
     basicpkcs10 = new PKCS10CertificationRequest("SHA1WithRSA", dn,
         keyPair.getPublic(), new DERSet(), keyPair.getPrivate());

     msg = new PKCS10RequestMessage(basicpkcs10);
     username = msg.getUsername();
     assertEquals("Test", username);
