Package org.bouncycastle.asn1

Examples of org.bouncycastle.asn1.DEREncodable

245
246
247
248
249
250
251
252
253
    props.put("id1.property.value", "1.1.1.255.1");
   
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
   
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERObjectIdentifier);
    assertTrue(((DERObjectIdentifier)value).getId(),((DERObjectIdentifier)value).getId().equals("1.1.1.255.1"));       
  }
View Full Code Here
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
    props.put("id1.property.value3", "foo3");
   
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
   
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERSequence);
    DERSequence seq = (DERSequence)value;
    assertEquals(3, seq.size());
    Enumeration e = seq.getObjects();
    int i = 1;
    while(e.hasMoreElements()) {
      DEREncodable v = (DEREncodable)e.nextElement();
      assertTrue(v.getClass().toString(),v instanceof DERUTF8String);
      String str = ((DERUTF8String)v).getString();
      log.info(str);
      assertEquals(str,"foo"+i++);       
    }
  }
View Full Code Here
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
        GeneralNames gan = GeneralNames.getInstance(obj);
        GeneralName[] gns = gan.getNames();
        for (int i = 0; i < gns.length; i++) {
          GeneralName gn = gns[i];
          int tag = gn.getTagNo();
          DEREncodable name = gn.getName();
          String str = CertTools.getGeneralNameString(tag, name);
          if (altName == null) {
            altName = str;
          } else {
            altName += ", "+str;
View Full Code Here
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
        // Verify signature protection
        AlgorithmIdentifier algId = msg.getMessage().getProtectedPart().getHeader().getProtectionAlg();
        String oid = algId.getObjectId().getId();
        assertEquals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), oid);
        // Check that this is an old message, created before ECA-2104, using null instead of DERNull as algorithm parameters.
        DEREncodable pp = algId.getParameters();
        assertNull(pp);
        // Try to verify, it should work good even though the small bug in ECA-2104, since we don't use algorithm parameters for RSA-PKCS signatures
        PublicKey pubKey = msg.getRequestPublicKey();
        assertTrue(CmpMessageHelper.verifyCertBasedPKIProtection(msg.getMessage(), pubKey));
        // Verify that our verification routine does not give positive result for any other keys
        KeyPair keys = KeyTools.genKeys("512", "RSA");
        assertFalse(CmpMessageHelper.verifyCertBasedPKIProtection(msg.getMessage(), keys.getPublic()));
      }
      // Re-protect the message, now fixed by ECA-2104
      {
        ASN1InputStream in = new ASN1InputStream(novosecsigpopir);
        DERObject derObject = in.readObject();
        PKIMessage myPKIMessage = PKIMessage.getInstance(derObject);
        KeyPair keys = KeyTools.genKeys("512", "RSA");
        X509Certificate signCert = CertTools.genSelfCert("CN=CMP Sign Test", 3650, null, keys.getPrivate(), keys.getPublic(), "SHA1WithRSA", false);
        // Re-sign the message
        byte[] newmsg = CmpMessageHelper.signPKIMessage(myPKIMessage, signCert, keys.getPrivate(), CMSSignedGenerator.DIGEST_SHA1, "BC");
        in = new ASN1InputStream(newmsg);
        derObject = in.readObject();
        PKIMessage pkimsg = PKIMessage.getInstance(derObject);
        // We have to do this twice, because Novosec caches ProtectedBytes in the PKIMessage object, so we need to
        // encode it and re-decode it again to get the changes from ECA-2104 encoded correctly.
        // Not needed when simply signing a new message that you create, only when re-signing
        newmsg = CmpMessageHelper.signPKIMessage(pkimsg, signCert, keys.getPrivate(), CMSSignedGenerator.DIGEST_SHA1, "BC");
        in = new ASN1InputStream(newmsg);
        derObject = in.readObject();
        pkimsg = PKIMessage.getInstance(derObject);
        AlgorithmIdentifier algId = pkimsg.getProtectedPart().getHeader().getProtectionAlg();
        String oid = algId.getObjectId().getId();
        assertEquals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), oid);
        // Check that we have DERNull and not plain java null as algorithm parameters.
        DEREncodable pp = algId.getParameters();
        assertNotNull(pp);
        assertEquals(DERNull.class.getName(), pp.getClass().getName());
        // Try to verify, also verify at the same time that encoding decoding of the signature works
        assertTrue(CmpMessageHelper.verifyCertBasedPKIProtection(pkimsg, keys.getPublic()));
        // Verify that our verification routine does not give positive result for any other keys
        CrmfRequestMessage msg = new CrmfRequestMessage(pkimsg, "CN=AdminCA1", false, "CN");
        assertTrue(msg.verify());
View Full Code Here
291
292
293
294
295
296
297
298
299
300
301
      // Check signature protection
      AlgorithmIdentifier algId = msg.getMessage().getProtectedPart().getHeader().getProtectionAlg();
      String oid = algId.getObjectId().getId();
      assertEquals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), oid);
      // Check that we have DERNull and not plain java null as algorithm parameters.
      DEREncodable pp = algId.getParameters();
      assertNotNull(pp);
      assertEquals(DERNull.class.getName(), pp.getClass().getName());
      // Try to verify the protection signature
      assertTrue(CmpMessageHelper.verifyCertBasedPKIProtection(msg.getMessage(), msg.getRequestPublicKey()));
    }
View Full Code Here
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
    // Verify signature properties
    AlgorithmIdentifier algId = msg.getMessage().getProtectedPart().getHeader().getProtectionAlg();
    String oid = algId.getObjectId().getId();
    assertEquals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), oid);
    // Check that we have DERNull and not plain java null as algorithm parameters.
    DEREncodable pp = algId.getParameters();
    assertNotNull(pp);
    assertEquals(DERNull.class.getName(), pp.getClass().getName());
    // Try to verify message protection
    // Does not work for this Huawei message, is it signed by the same key as in the request at all?
    // We will wait for another huawei message to test
    //PublicKey pubKey = msg.getRequestPublicKey();
    //assertTrue(CmpMessageHelper.verifyCertBasedPKIProtection(msg.getMessage(), pubKey));

      // Read the CertConf (certificate confirmation) CMP message that the client sends to
    // the CA after receiving the certificate. RFC4210 section "5.3.18.  Certificate Confirmation Content".
      in = new ASN1InputStream(huaweicertconf);
    derObject = in.readObject();
    PKIMessage certconf = PKIMessage.getInstance(derObject);
    //log.info(certconf.toString());
    GeneralCmpMessage conf = new GeneralCmpMessage(certconf);
    // Verify signature properties
    algId = conf.getMessage().getProtectedPart().getHeader().getProtectionAlg();
    oid = algId.getObjectId().getId();
    assertEquals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), oid);
    // Check that we have DERNull and not plain java null as algorithm parameters.
    pp = algId.getParameters();
    assertNotNull(pp);
    assertEquals(DERNull.class.getName(), pp.getClass().getName());
    // Try to verify message protection
    // Does not work for this Huawei message, is it signed by the same key as in the request at all?
    // We will wait for another huawei message to test
    //PublicKey pubKey = msg.getRequestPublicKey();
    //assertTrue(CmpMessageHelper.verifyCertBasedPKIProtection(msg.getMessage(), pubKey));
View Full Code Here
42
43
44
45
46
47
48
49
50
51
52
    props.put("id1.property.encoding", "DERNULL");
   
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
   
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERNull);
    assertTrue(baseExt.getOID().equals("1.2.3"));
    assertTrue(baseExt.getId() == 1);
    assertFalse(baseExt.isCriticalFlag());
  }
View Full Code Here
57
58
59
60
61
62
63
64
65
66
67
68
    props.put("id1.property.value", "1234");
   
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
   
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERInteger);
    assertTrue(((DERInteger)value).toString(),((DERInteger)value).toString().equals("1234"));
    assertTrue(baseExt.getOID().equals("1.2.3"));
    assertTrue(baseExt.getId() == 1);
    assertFalse(baseExt.isCriticalFlag())
   
View Full Code Here
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
    props.put("id1.property.encoding", "DERBITSTRING");
    props.put("id1.property.value", "1111"); // this is 15 decimal
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);   
    byte[] result = {15};
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERBitString);
    assertEquals(((DERBitString)value).getBytes()[0],result[0]);
    assertEquals(((DERBitString)value).getPadBits(), 0);
    assertTrue(baseExt.getOID().equals("1.2.3"));
    assertTrue(baseExt.getId() == 1);
    assertFalse(baseExt.isCriticalFlag())
   
    props = new Properties();
    props.put("id1.property.encoding", "DERBITSTRING");
    // SSL Client and S/MIME in NetscapeCertType
    // This will be -96 in decimal, don't ask me why, but it is!
    props.put("id1.property.value", "10100000");
   
    baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
    value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERBitString);
    new BigInteger(((DERBitString)value).getBytes()); // Will throw if value is wrong
    //log.debug(bi.toString(2));
    //log.debug(bi.toString());
    //log.debug(((DERBitString)value).getBytes()[0]);
    assertEquals(((DERBitString)value).getBytes()[0],-96);
View Full Code Here
123
124
125
126
127
128
129
130
131
132
133
134
    props.put("id1.property.value", "true");
   
    BasicCertificateExtension baseExt = new BasicCertificateExtension();
    baseExt.init(1, "1.2.3", false, props);
   
    DEREncodable value = baseExt.getValue(null, null, null, null, null);
    assertTrue(value.getClass().toString(),value instanceof DERBoolean);
    assertTrue(((DERBoolean)value).toString(),((DERBoolean)value).toString().equals("TRUE"));
    assertTrue(baseExt.getOID().equals("1.2.3"));
    assertTrue(baseExt.getId() == 1);
    assertFalse(baseExt.isCriticalFlag());     
   
View Full Code Here
TOP

Related Classes of org.bouncycastle.asn1.DEREncodable

  • br.net.woodstock.rockframework.security.sign.impl.BouncyCastlePKCS7Signer
  • org.apache.geronimo.util.jce.provider.JCERSAPrivateKey
  • org.bouncycastle.asn1.ASN1Encodable
  • org.bouncycastle.asn1.ASN1EncodableVector
  • org.bouncycastle.asn1.ASN1Integer
  • org.bouncycastle.asn1.ASN1SequenceParser
  • org.bouncycastle.asn1.ASN1SetParser
  • org.bouncycastle.asn1.BERSequence
  • org.bouncycastle.asn1.BERTaggedObject
  • org.bouncycastle.asn1.cms.AuthenticatedDataParser
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.