Java Code Examples for org.bouncycastle.asn1.ASN1Sequence#size()
The following examples show how to use
org.bouncycastle.asn1.ASN1Sequence#size() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 6 votes |
public static SemanticsIdentifier getSemanticsIdentifier(CertificateToken certToken) { final byte[] qcStatement = certToken.getCertificate().getExtensionValue(Extension.qCStatements.getId()); if (Utils.isArrayNotEmpty(qcStatement)) { try { final ASN1Sequence seq = getAsn1SequenceFromDerOctetString(qcStatement); for (int i = 0; i < seq.size(); i++) { final QCStatement statement = QCStatement.getInstance(seq.getObjectAt(i)); if (RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v2.equals(statement.getStatementId())) { SemanticsInformation semanticsInfo = SemanticsInformation.getInstance(statement.getStatementInfo()); if (semanticsInfo != null && semanticsInfo.getSemanticsIdentifier() != null) { return SemanticsIdentifier.fromOid(semanticsInfo.getSemanticsIdentifier().getId()); } } } } catch (Exception e) { LOG.warn("Unable to extract the SemanticsIdentifier", e); } } return null; }
Example 2
Source File: CertifiedAttributesV2.java From dss with GNU Lesser General Public License v2.1 | 6 votes |
@SuppressWarnings("rawtypes") private CertifiedAttributesV2(ASN1Sequence seq) { int index = 0; values = new Object[seq.size()]; for (Enumeration e = seq.getObjects(); e.hasMoreElements();) { ASN1TaggedObject taggedObject = ASN1TaggedObject.getInstance(e.nextElement()); if (taggedObject.getTagNo() == 0) { values[index] = AttributeCertificate.getInstance(ASN1Sequence.getInstance(taggedObject, true)); } else if (taggedObject.getTagNo() == 1) { LOG.info("OtherAttributeCertificate detected"); } else { throw new IllegalArgumentException("illegal tag: " + taggedObject.getTagNo()); } index++; } }
Example 3
Source File: ProxyMessage.java From xipki with Apache License 2.0 | 6 votes |
private NewObjectControl(ASN1Sequence seq) throws BadAsn1ObjectException { final int size = seq.size(); Args.min(size, "seq.size", 1); String label = DERUTF8String.getInstance(seq.getObjectAt(0)).getString(); byte[] id = null; for (int i = 1; i < size; i++) { ASN1Encodable obj = seq.getObjectAt(i); if (obj instanceof ASN1TaggedObject) { continue; } ASN1TaggedObject tagObj = (ASN1TaggedObject) obj; int tagNo = tagObj.getTagNo(); if (tagNo == 0) { id = DEROctetString.getInstance(tagObj.getObject()).getOctets(); } } this.control = new P11NewKeyControl(id, label); }
Example 4
Source File: SM2Signer.java From web3sdk with Apache License 2.0 | 6 votes |
public BigInteger[] derDecode(byte[] encoding) throws IOException { ASN1Sequence seq = ASN1Sequence.getInstance(ASN1Primitive.fromByteArray(encoding)); if (seq.size() != 2) { return null; } BigInteger r = ASN1Integer.getInstance(seq.getObjectAt(0)).getValue(); BigInteger s = ASN1Integer.getInstance(seq.getObjectAt(1)).getValue(); byte[] expectedEncoding = derEncode(r, s); if (!Arrays.constantTimeAreEqual(expectedEncoding, encoding)) { return null; } return new BigInteger[] {r, s}; }
Example 5
Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 6 votes |
public static List<String> getQCLegislations(CertificateToken certToken) { final List<String> result = new ArrayList<>(); final byte[] qcStatement = certToken.getCertificate().getExtensionValue(Extension.qCStatements.getId()); if (Utils.isArrayNotEmpty(qcStatement)) { try { final ASN1Sequence seq = getAsn1SequenceFromDerOctetString(qcStatement); // Sequence of QCStatement for (int ii = 0; ii < seq.size(); ii++) { final QCStatement statement = QCStatement.getInstance(seq.getObjectAt(ii)); if (QC_LEGISLATION_OID.equals(statement.getStatementId().getId())) { ASN1Sequence sequenceLegislation = ASN1Sequence.getInstance(statement.getStatementInfo()); for (int jj = 0; jj < sequenceLegislation.size(); jj++) { result.add(getString(sequenceLegislation.getObjectAt(jj))); } } } } catch (Exception e) { LOG.warn("Unable to parse the qCStatements extension '{}' : {}", Utils.toBase64(qcStatement), e.getMessage(), e); } } return result; }
Example 6
Source File: DPolicyMappings.java From keystore-explorer with GNU General Public License v3.0 | 6 votes |
private void okPressed() { PolicyMappings policyMappings = jpmPolicyMappings.getPolicyMappings(); ASN1Sequence policyMappingsSeq = (ASN1Sequence) policyMappings.toASN1Primitive(); if (policyMappingsSeq.size() == 0) { JOptionPane.showMessageDialog(this, res.getString("DPolicyMappings.ValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } try { value = policyMappings.getEncoded(ASN1Encoding.DER); } catch (IOException e) { DError.displayError(this, e); return; } closeDialog(); }
Example 7
Source File: CMSCRLSource.java From dss with GNU Lesser General Public License v2.1 | 6 votes |
private void collectRevocationRefs(ASN1ObjectIdentifier revocationRefsAttribute, RevocationRefOrigin origin) { try { final ASN1Encodable attrValue = DSSASN1Utils.getAsn1Encodable(unsignedAttributes, revocationRefsAttribute); if (attrValue != null) { final ASN1Sequence revocationRefs = (ASN1Sequence) attrValue; for (int ii = 0; ii < revocationRefs.size(); ii++) { final CrlOcspRef crlOcspRef = CrlOcspRef.getInstance(revocationRefs.getObjectAt(ii)); final CrlListID crlIds = crlOcspRef.getCrlids(); if (crlIds != null) { for (final CrlValidatedID id : crlIds.getCrls()) { final CRLRef crlRef = new CRLRef(id); addRevocationReference(crlRef, origin); } } } } } catch (Exception e) { // When error in computing or in format, the algorithm just continues. LOG.warn( "An error occurred during extraction of revocation references from signature unsigned properties. " + "Revocations for origin {} were not stored", origin.toString(), e); } }
Example 8
Source File: DSSSignatureUtils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
/** * Checks if the signature is ASN.1 encoded. * * @param signatureValue * signature value to check. * @return if the signature is ASN.1 encoded. */ private static boolean isAsn1Encoded(byte[] signatureValue) { try (ASN1InputStream is = new ASN1InputStream(signatureValue)) { ASN1Sequence seq = (ASN1Sequence) is.readObject(); return seq != null && seq.size() == 2; } catch (Exception e) { return false; } }
Example 9
Source File: SubjectChecker.java From xipki with Apache License 2.0 | 5 votes |
private static String getRdnTextValueOfRequest(RDN requestedRdn) throws BadCertTemplateException { ASN1ObjectIdentifier type = requestedRdn.getFirst().getType(); ASN1Encodable vec = requestedRdn.getFirst().getValue(); if (ObjectIdentifiers.DN.dateOfBirth.equals(type)) { if (!(vec instanceof ASN1GeneralizedTime)) { throw new BadCertTemplateException("requested RDN is not of GeneralizedTime"); } return ((ASN1GeneralizedTime) vec).getTimeString(); } else if (ObjectIdentifiers.DN.postalAddress.equals(type)) { if (!(vec instanceof ASN1Sequence)) { throw new BadCertTemplateException("requested RDN is not of Sequence"); } ASN1Sequence seq = (ASN1Sequence) vec; final int n = seq.size(); StringBuilder sb = new StringBuilder(); for (int i = 0; i < n; i++) { ASN1Encodable obj = seq.getObjectAt(i); String textValue = X509Util.rdnValueToString(obj); sb.append("[").append(i).append("]=").append(textValue).append(","); } return sb.toString(); } else { return X509Util.rdnValueToString(vec); } }
Example 10
Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
public static List<CertificatePolicy> getCertificatePolicies(final CertificateToken certToken) { List<CertificatePolicy> certificatePolicies = new ArrayList<>(); final byte[] certificatePoliciesBinaries = certToken.getCertificate().getExtensionValue(Extension.certificatePolicies.getId()); if (Utils.isArrayNotEmpty(certificatePoliciesBinaries)) { try { ASN1Sequence seq = getAsn1SequenceFromDerOctetString(certificatePoliciesBinaries); for (int ii = 0; ii < seq.size(); ii++) { CertificatePolicy cp = new CertificatePolicy(); final PolicyInformation policyInfo = PolicyInformation.getInstance(seq.getObjectAt(ii)); cp.setOid(policyInfo.getPolicyIdentifier().getId()); ASN1Sequence policyQualifiersSeq = policyInfo.getPolicyQualifiers(); if (policyQualifiersSeq != null) { for (int jj = 0; jj < policyQualifiersSeq.size(); jj++) { PolicyQualifierInfo pqi = PolicyQualifierInfo.getInstance(policyQualifiersSeq.getObjectAt(jj)); if (PolicyQualifierId.id_qt_cps.equals(pqi.getPolicyQualifierId())) { cp.setCpsUrl(getString(pqi.getQualifier())); } } } certificatePolicies.add(cp); } } catch (Exception e) { LOG.warn("Unable to parse the certificatePolicies extension '{}' : {}", Utils.toBase64(certificatePoliciesBinaries), e.getMessage(), e); } } return certificatePolicies; }
Example 11
Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
/** * Extract the Unsigned Attribute Archive Timestamp Cert Hash Index from a timestampToken * * @param atsHashIndexValue * @return */ public static ASN1Sequence getCertificatesHashIndex(final ASN1Sequence atsHashIndexValue) { if (atsHashIndexValue != null) { int certificateIndex = 0; if (atsHashIndexValue.size() > 3) { certificateIndex++; } return (ASN1Sequence) atsHashIndexValue.getObjectAt(certificateIndex).toASN1Primitive(); } return null; }
Example 12
Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
private static List<String> getAccessLocations(final CertificateToken certificate, ASN1ObjectIdentifier aiaType) { List<String> locationsUrls = new ArrayList<>(); final byte[] authInfoAccessExtensionValue = certificate.getCertificate().getExtensionValue(Extension.authorityInfoAccess.getId()); if (null == authInfoAccessExtensionValue) { return locationsUrls; } try { ASN1Sequence asn1Sequence = DSSASN1Utils.getAsn1SequenceFromDerOctetString(authInfoAccessExtensionValue); if (asn1Sequence == null || asn1Sequence.size() == 0) { LOG.warn("Empty ASN1Sequence for AuthorityInformationAccess"); return locationsUrls; } AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess.getInstance(asn1Sequence); AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions(); for (AccessDescription accessDescription : accessDescriptions) { if (aiaType.equals(accessDescription.getAccessMethod())) { GeneralName gn = accessDescription.getAccessLocation(); String location = parseGn(gn); if (location != null) { locationsUrls.add(location); } } } } catch (Exception e) { LOG.error("Unable to parse authorityInfoAccess", e); } return locationsUrls; }
Example 13
Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
/** * This method extract the PSD2 QcStatement informations for a given certificate * * @param certToken the certificate * @return an instance of {@code PSD2QcType} or null */ public static PSD2QcType getPSD2QcStatement(CertificateToken certToken) { PSD2QcType result = null; final byte[] qcStatement = certToken.getCertificate().getExtensionValue(Extension.qCStatements.getId()); if (Utils.isArrayNotEmpty(qcStatement)) { try { final ASN1Sequence seq = getAsn1SequenceFromDerOctetString(qcStatement); for (int i = 0; i < seq.size(); i++) { final QCStatement statement = QCStatement.getInstance(seq.getObjectAt(i)); if (OID.psd2_qcStatement.equals(statement.getStatementId())) { result = new PSD2QcType(); ASN1Sequence psd2Seq = ASN1Sequence.getInstance(statement.getStatementInfo()); ASN1Sequence rolesSeq = ASN1Sequence.getInstance(psd2Seq.getObjectAt(0)); List<RoleOfPSP> rolesOfPSP = new ArrayList<>(); for (int ii = 0; ii < rolesSeq.size(); ii++) { ASN1Sequence oneRoleSeq = ASN1Sequence.getInstance(rolesSeq.getObjectAt(ii)); RoleOfPSP roleOfPSP = new RoleOfPSP(); ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) oneRoleSeq.getObjectAt(0); roleOfPSP.setPspOid(RoleOfPspOid.fromOid(oid.getId())); roleOfPSP.setPspName(getString(oneRoleSeq.getObjectAt(1))); rolesOfPSP.add(roleOfPSP); } result.setRolesOfPSP(rolesOfPSP); result.setNcaName(getString(psd2Seq.getObjectAt(1))); result.setNcaId(getString(psd2Seq.getObjectAt(2))); } } } catch (Exception e) { LOG.warn("Unable to read QCStatement", e); } } return result; }
Example 14
Source File: AlgorithmConstraintSet.java From signer with GNU Lesser General Public License v3.0 | 5 votes |
@Override public void parse(ASN1Primitive derObject) { ASN1Sequence derSequence = ASN1Object.getDERSequence(derObject); int total = derSequence.size(); if (total > 0) { for (int i = 0; i < total; i++) { ASN1Primitive object = derSequence.getObjectAt(i).toASN1Primitive(); if (object instanceof DERTaggedObject) { DERTaggedObject derTaggedObject = (DERTaggedObject) object; TAG tag = TAG.getTag(derTaggedObject.getTagNo()); switch (tag) { case signerAlgorithmConstraints: this.signerAlgorithmConstraints = new AlgorithmConstraints(); this.signerAlgorithmConstraints.parse(object); break; case eeCertAlgorithmConstraints: this.eeCertAlgorithmConstraints = new AlgorithmConstraints(); this.eeCertAlgorithmConstraints.parse(object); break; case caCertAlgorithmConstraints: this.caCertAlgorithmConstraints = new AlgorithmConstraints(); this.caCertAlgorithmConstraints.parse(object); break; case aaCertAlgorithmConstraints: this.aaCertAlgorithmConstraints = new AlgorithmConstraints(); this.aaCertAlgorithmConstraints.parse(object); break; case tsaCertAlgorithmConstraints: this.tsaCertAlgorithmConstraints = new AlgorithmConstraints(); this.tsaCertAlgorithmConstraints.parse(object); break; default: break; } } } } }
Example 15
Source File: X509Ext.java From portecle with GNU General Public License v2.0 | 5 votes |
/** * Get Policy Constraints (2.5.29.36) extension value as a string. * * <pre> * PolicyConstraints ::= SEQUENCE { * requireExplicitPolicy [0] SkipCerts OPTIONAL, * inhibitPolicyMapping [1] SkipCerts OPTIONAL } * SkipCerts ::= INTEGER (0..MAX) * </pre> * * @param bValue The octet string value * @return Extension value as a string * @throws IOException If an I/O problem occurs */ private String getPolicyConstraintsStringValue(byte[] bValue) throws IOException { // Get sequence of policy constraint ASN1Sequence policyConstraints = (ASN1Sequence) ASN1Primitive.fromByteArray(bValue); StringBuilder strBuff = new StringBuilder(); for (int i = 0, len = policyConstraints.size(); i < len; i++) { DERTaggedObject policyConstraint = (DERTaggedObject) policyConstraints.getObjectAt(i); ASN1Integer skipCerts = new ASN1Integer(((DEROctetString) policyConstraint.getObject()).getOctets()); int iSkipCerts = skipCerts.getValue().intValue(); switch (policyConstraint.getTagNo()) { case 0: // Require Explicit Policy Skip Certs if (strBuff.length() != 0) { strBuff.append("<br><br>"); } strBuff.append(MessageFormat.format(RB.getString("RequireExplicitPolicy"), iSkipCerts)); break; case 1: // Inhibit Policy Mapping Skip Certs if (strBuff.length() != 0) { strBuff.append("<br><br>"); } strBuff.append(MessageFormat.format(RB.getString("InhibitPolicyMapping"), iSkipCerts)); break; } } return strBuff.toString(); }
Example 16
Source File: PolicyInformationUtil.java From keystore-explorer with GNU General Public License v3.0 | 5 votes |
/** * Get string representation of policy information. * * @param policyInformation * Policy information * @return String representation of policy information * @throws IOException * If policy information is invalid */ public static String toString(PolicyInformation policyInformation) throws IOException { StringBuffer sbPolicyInformation = new StringBuffer(); ASN1ObjectIdentifier policyIdentifier = policyInformation.getPolicyIdentifier(); sbPolicyInformation.append(MessageFormat.format(res.getString("PolicyInformationUtil.PolicyIdentifier"), policyIdentifier.getId())); ASN1Sequence policyQualifiers = policyInformation.getPolicyQualifiers(); if (policyQualifiers != null) { sbPolicyInformation.append(", "); StringBuffer sbPolicyQualifiers = new StringBuffer(); for (int i = 0; i < policyQualifiers.size(); i++) { PolicyQualifierInfo policyQualifierInfo = PolicyQualifierInfo.getInstance(policyQualifiers.getObjectAt(i)); sbPolicyQualifiers.append(toString(policyQualifierInfo)); if ((i + 1) < policyQualifiers.size()) { sbPolicyQualifiers.append(", "); } } sbPolicyInformation.append(MessageFormat.format(res.getString("PolicyInformationUtil.PolicyQualifiers"), sbPolicyQualifiers)); } return sbPolicyInformation.toString(); }
Example 17
Source File: ExtensionsChecker.java From xipki with Apache License 2.0 | 5 votes |
private void checkExtnTlsFeature(StringBuilder failureMsg, byte[] extensionValue, Extensions requestedExtns, ExtensionControl extControl) { TlsFeature conf = tlsFeature; if (tlsFeature == null) { checkConstantExtnValue(Extn.id_pe_tlsfeature, failureMsg, extensionValue, requestedExtns, extControl); return; } Set<String> isFeatures = new HashSet<>(); ASN1Sequence seq = ASN1Sequence.getInstance(extensionValue); final int n = seq.size(); for (int i = 0; i < n; i++) { ASN1Integer asn1Feature = ASN1Integer.getInstance(seq.getObjectAt(i)); isFeatures.add(asn1Feature.getPositiveValue().toString()); } Set<String> expFeatures = new HashSet<>(); for (DescribableInt m : conf.getFeatures()) { expFeatures.add(Integer.toString(m.getValue())); } Set<String> diffs = strInBnotInA(expFeatures, isFeatures); if (CollectionUtil.isNotEmpty(diffs)) { failureMsg.append("features ").append(diffs).append(" are present but not expected; "); } diffs = strInBnotInA(isFeatures, expFeatures); if (CollectionUtil.isNotEmpty(diffs)) { failureMsg.append("features ").append(diffs).append(" are absent but are required; "); } }
Example 18
Source File: CRLDistributionPoints.java From keystore-explorer with GNU General Public License v3.0 | 4 votes |
private CRLDistributionPoints(ASN1Sequence seq) { distributionPointList = new ArrayList<>(); for (int i = 0; i != seq.size(); i++) { distributionPointList.add(DistributionPoint.getInstance(seq.getObjectAt(i))); } }
Example 19
Source File: SignedAssertions.java From dss with GNU Lesser General Public License v2.1 | 4 votes |
private SignedAssertions(ASN1Sequence seq) { assertions = new ArrayList<>(seq.size()); for (Enumeration e = seq.getObjects(); e.hasMoreElements();) { assertions.add(SignedAssertion.getInstance(e.nextElement())); } }
Example 20
Source File: CAdESSignature.java From dss with GNU Lesser General Public License v2.1 | 4 votes |
@Override public List<SignerRole> getCertifiedSignerRoles() { final SignerAttribute signerAttr = getSignerAttributeV1(); final SignerAttributeV2 signerAttrV2 = getSignerAttributeV2(); Object[] signerAttrValues = null; try { if (signerAttr != null) { signerAttrValues = signerAttr.getValues(); } else if (signerAttrV2 != null) { signerAttrValues = signerAttrV2.getValues(); } if (signerAttrValues == null) { return Collections.emptyList(); } List<SignerRole> roles = new ArrayList<>(); for (final Object signerAttrValue : signerAttrValues) { if (signerAttrValue instanceof AttributeCertificate) { final AttributeCertificate attributeCertificate = (AttributeCertificate) signerAttrValue; final AttributeCertificateInfo acInfo = attributeCertificate.getAcinfo(); final AttCertValidityPeriod attrCertValidityPeriod = acInfo.getAttrCertValidityPeriod(); final ASN1Sequence attributes = acInfo.getAttributes(); for (int ii = 0; ii < attributes.size(); ii++) { final ASN1Encodable objectAt = attributes.getObjectAt(ii); final org.bouncycastle.asn1.x509.Attribute attribute = org.bouncycastle.asn1.x509.Attribute.getInstance(objectAt); final ASN1Set attrValues1 = attribute.getAttrValues(); ASN1Encodable firstItem = attrValues1.getObjectAt(0); if (firstItem instanceof ASN1Sequence) { ASN1Sequence sequence = (ASN1Sequence) firstItem; RoleSyntax roleSyntax = RoleSyntax.getInstance(sequence); SignerRole certifiedRole = new SignerRole(roleSyntax.getRoleNameAsString(), EndorsementType.CERTIFIED); certifiedRole.setNotBefore(DSSASN1Utils.toDate(attrCertValidityPeriod.getNotBeforeTime())); certifiedRole.setNotAfter(DSSASN1Utils.toDate(attrCertValidityPeriod.getNotAfterTime())); roles.add(certifiedRole); } else { LOG.warn("Unsupported type for RoleSyntax : {}", firstItem == null ? null : firstItem.getClass().getSimpleName()); } } } } return roles; } catch (Exception e) { LOG.error("Error when dealing with certified signer roles : {}", signerAttrValues, e); return Collections.emptyList(); } }