/**
 * Returns the encoded form of the private key held inside the {@link PrivateKeyInfo}
 * wrapper of {@code keyPair}'s private key.
 *
 * <p>The result is raw, unencrypted private-key material, so callers should keep it
 * out of logs and exception messages.
 *
 * @return the encoded inner private key structure.
 */
private ByteString pkcs1Bytes() {
  final byte[] wrappedKey = keyPair.getPrivate().getEncoded();
  try {
    final PrivateKeyInfo wrapper = PrivateKeyInfo.getInstance(wrappedKey);
    final byte[] innerKey = wrapper.parsePrivateKey().toASN1Primitive().getEncoded();
    return ByteString.of(innerKey);
  } catch (IOException e) {
    // Re-encoding an in-memory key is treated as something that cannot fail.
    throw new AssertionError(e);
  }
}
/**
 * Builds a {@link GeneralNames} structure with one dNSName entry per supplied name.
 *
 * <p>Names are embedded exactly as given; this method performs no hostname validation.
 *
 * @param sanDnsNames the DNS names to include; {@code null} produces an empty structure.
 * @return the names wrapped in a DER sequence.
 */
protected static GeneralNames getSubjectAlternativeNames( Set<String> sanDnsNames )
{
    final ASN1EncodableVector entries = new ASN1EncodableVector();
    if ( sanDnsNames != null )
    {
        sanDnsNames.forEach( name -> entries.add( new GeneralName( GeneralName.dNSName, name ) ) );
    }
    final DERSequence sequence = new DERSequence( entries );
    return GeneralNames.getInstance( sequence );
}
/**
 * Converts a single ASN.1 primitive into display text.
 *
 * <p>The text is returned as found in the encoded value and is not escaped for any
 * output format; a caller that embeds it in markup has to escape it.
 *
 * @param primitive the value to convert; may be {@code null}.
 * @return an empty string for {@code null} or ASN.1 NULL, otherwise a textual form.
 */
private String asString(ASN1Primitive primitive) {
    final boolean absent = primitive == null || primitive instanceof ASN1Null;
    if (absent) {
        return "";
    }
    if (primitive instanceof ASN1String) {
        final ASN1String text = (ASN1String) primitive;
        return text.getString();
    }
    if (primitive instanceof DERUTCTime) {
        final DERUTCTime utcTime = (DERUTCTime) primitive;
        return utcTime.getAdjustedTime();
    }
    if (primitive instanceof DERGeneralizedTime) {
        final DERGeneralizedTime generalizedTime = (DERGeneralizedTime) primitive;
        return generalizedTime.getTime();
    }
    if (primitive instanceof ASN1ObjectIdentifier) {
        final String oid = ((ASN1ObjectIdentifier) primitive).getId();
        // This one OID is shown by name; every other OID falls back to toString().
        if (oid.equals("1.3.6.1.5.5.7.8.5")) {
            return "xmppAddr";
        }
    }
    return primitive.toString();
}
} // closes an enclosing scope opened outside this excerpt
// NOTE(review): this excerpt appears to have lines elided (no braces follow the
// try-with-resources header, the `if` or the `switch`), so it is documented as it stands.
// Decodes `item` and unpacks the result as a sequence whose element 0 is a type-id OID
// and whose element 1 is a tagged value.
try ( final ASN1InputStream decoder = new ASN1InputStream( item ) )
final ASN1Primitive object = decoder.readObject();
// The casts below are unchecked: a decoded value of any other shape raises
// ClassCastException, and a shorter sequence fails on getObjectAt — confirm the
// enclosing method treats both as a rejected name.
final ASN1Sequence otherNameSeq = (ASN1Sequence) object;
final ASN1ObjectIdentifier typeId = (ASN1ObjectIdentifier) otherNameSeq.getObjectAt( 0 );
final ASN1TaggedObject taggedValue = (ASN1TaggedObject) otherNameSeq.getObjectAt( 1 );
final int tagNo = taggedValue.getTagNo();
// Only tag number 0 is expected; the handling of other tags is not visible here.
if ( tagNo != 0 )
final ASN1Primitive value = taggedValue.getObject();
// Dispatch on the type-id; the individual cases are not visible here.
switch ( typeId.getId() )
return otherName;
// Type-ids other than id-on-xmppAddr and id-on-dnsSRV are logged and yield null.
Log.debug( "Ignoring subjectAltName 'otherName' type-id '{}' that's neither id-on-xmppAddr nor id-on-dnsSRV.", typeId.getId() );
return null;
/**
 * Reads the CRL number extension of a CRL.
 *
 * <p>The extension value is decoded as an octet string that wraps an integer. Both
 * casts are unchecked, so a value of another shape surfaces as a
 * {@link ClassCastException} rather than the wrapped I/O error.
 *
 * @param crl the CRL to inspect.
 * @return the CRL number, or {@code null} when the CRL carries no such extension.
 * @throws RuntimeException when decoding fails with an {@link IOException}.
 */
private BigInteger getCrlNumber(X509CRL crl) {
    final byte[] wrappedValue = crl.getExtensionValue(Extension.cRLNumber.getId());
    if (wrappedValue == null) {
        return null;
    }

    ASN1InputStream outerStream = null;
    ASN1InputStream innerStream = null;
    try {
        outerStream = new ASN1InputStream(wrappedValue);
        final ASN1OctetString wrapper = (ASN1OctetString) outerStream.readObject();

        innerStream = new ASN1InputStream(wrapper.getOctets());
        final ASN1Integer number = (ASN1Integer) innerStream.readObject();
        return number.getPositiveValue();
    } catch (IOException e) {
        throw new RuntimeException("I/O error: " + e.getMessage(), e);
    } finally {
        // Inner stream first, then the outer one; either may still be null here.
        IOUtils.closeQuietly(innerStream);
        IOUtils.closeQuietly(outerStream);
    }
}
/**
 * Re-encodes a signature blob as a DER sequence of two ASN.1 integers.
 *
 * <p>The two values are taken from the blob in order with {@code readBytes()}
 * (presumably length-prefixed fields; confirm against {@code Buffer}).
 *
 * @param sigBlob the signature blob holding r followed by s.
 * @return the DER-encoded {@code SEQUENCE { r, s }}.
 * @throws IOException if the blob cannot be read or the sequence cannot be written.
 */
private byte[] asnEncode(byte[] sigBlob) throws IOException {
    final Buffer.PlainBuffer blobReader = new Buffer.PlainBuffer(sigBlob);
    // Both fields are read before either is converted, as in the wire order r, s.
    final byte[] rBytes = blobReader.readBytes();
    final byte[] sBytes = blobReader.readBytes();

    final ASN1EncodableVector components = new ASN1EncodableVector();
    components.add(new ASN1Integer(rBytes));
    components.add(new ASN1Integer(sBytes));

    final ByteArrayOutputStream encoded = new ByteArrayOutputStream();
    final ASN1OutputStream derWriter = new ASN1OutputStream(encoded);
    derWriter.writeObject(new DERSequence(components));
    derWriter.flush();
    return encoded.toByteArray();
}
} // closes an enclosing scope opened outside this excerpt
/**
 * Derives a subject key identifier from a key's encoded form.
 *
 * <p>The encoding is parsed as an ASN.1 sequence and interpreted as a
 * {@link SubjectPublicKeyInfo}; the cast is unchecked, so any other top-level
 * ASN.1 type results in a {@link ClassCastException}.
 *
 * @param key the key whose encoded form is used.
 * @return the identifier computed by {@link BcX509ExtensionUtils}.
 * @throws IOException if the encoded key cannot be read.
 */
private static SubjectKeyIdentifier createSubjectKeyIdentifier(Key key) throws IOException {
    final byte[] encodedKey = key.getEncoded();
    try (ASN1InputStream asn1In = new ASN1InputStream(new ByteArrayInputStream(encodedKey))) {
        final ASN1Sequence keySequence = (ASN1Sequence) asn1In.readObject();
        final SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(keySequence);
        final BcX509ExtensionUtils extensionUtils = new BcX509ExtensionUtils();
        return extensionUtils.createSubjectKeyIdentifier(publicKeyInfo);
    }
}
/**
 * Returns subject alternative names for "localhost".
 *
 * <p>The result holds one iPAddress entry for every address that "localhost"
 * resolves to on this machine, followed by a single dNSName entry "localhost".
 *
 * @return the subject alternative names for "localhost".
 * @throws UnknownHostException if "localhost" cannot be resolved.
 */
private static GeneralNames getLocalhostSubjectAltNames() throws UnknownHostException {
    final InetAddress[] resolved = InetAddress.getAllByName("localhost");
    final GeneralName[] entries = new GeneralName[resolved.length + 1];

    int slot = 0;
    for (InetAddress address : resolved) {
        final DEROctetString rawAddress = new DEROctetString(address.getAddress());
        entries[slot++] = new GeneralName(GeneralName.iPAddress, rawAddress);
    }
    // The DNS name always occupies the last slot.
    entries[slot] = new GeneralName(GeneralName.dNSName, new DERIA5String("localhost"));

    return new GeneralNames(entries);
}
/**
 * Sets the subject alternative name to a single iPAddress entry.
 *
 * <p>The field is overwritten, so any value stored earlier is replaced.
 *
 * @param hostAddress the address to place in the extension.
 * @return this builder.
 * @throws IOException if the names cannot be encoded.
 */
public CertificateBuilder sanIpAddress(InetAddress hostAddress) throws IOException {
    final DEROctetString rawAddress = new DEROctetString(hostAddress.getAddress());
    final GeneralName ipName = new GeneralName(GeneralName.iPAddress, rawAddress);
    subjectAltName = new GeneralNames(ipName).getEncoded();
    return this;
}
/**
 * Wraps an address in an iPAddress {@link GeneralName}.
 *
 * @param hostAddress the address whose raw bytes are stored in the name.
 * @return the resulting general name.
 */
private static GeneralName ipGeneralName(InetAddress hostAddress) {
    final byte[] rawAddress = hostAddress.getAddress();
    final DEROctetString octets = new DEROctetString(rawAddress);
    return new GeneralName(GeneralName.iPAddress, octets);
}
/**
 * Delegates to the default chooser and substitutes {@code DSA} for dsaWithSha1.
 *
 * <p>The substitution exists because "dsa" is accepted by any Android platform,
 * whereas "dsaWithSha1" is accepted only since API Level 9.
 *
 * @param id the algorithm identifier to look up.
 * @return the default chooser's answer, with dsaWithSha1 replaced by {@code DSA};
 *     {@code null} when the default chooser returns {@code null}.
 */
@Override
public AlgorithmIdentifier findEncryptionAlgorithm(AlgorithmIdentifier id) {
    final AlgorithmIdentifier chosen = mDefault.findEncryptionAlgorithm(id);
    if (chosen == null) {
        return null;
    }
    final ASN1ObjectIdentifier chosenOid = chosen.getAlgorithm();
    return X9ObjectIdentifiers.id_dsa_with_sha1.equals(chosenOid) ? DSA : chosen;
}
} // closes an enclosing scope opened outside this excerpt
/**
 * Parse a XmppAddr value as specified in RFC 6120.
 *
 * <p>A tagged value is unwrapped first; its content is returned when it is a
 * text-based ASN.1 type. Otherwise the argument itself is read as text.
 *
 * @param xmppAddr The ASN.1 representation of the xmppAddr value (cannot be null).
 * @return The parsed xmppAddr value.
 */
protected String parseOtherNameXmppAddr( ASN1Primitive xmppAddr )
{
    if ( xmppAddr instanceof ASN1TaggedObject )
    {
        final ASN1Primitive wrapped = ( (ASN1TaggedObject) xmppAddr ).getObject();
        final boolean wrappedIsText = ASN1String.class.isAssignableFrom( wrapped.getClass() );
        if ( wrappedIsText )
        {
            final ASN1String text = (ASN1String) wrapped;
            return text.getString();
        }
        // NOTE(review): a tagged value whose content is not text falls through to the
        // cast below and fails with ClassCastException; confirm the caller treats that
        // as a rejected name.
    }

    // RFC 6120 asks for a UTF8String; any text-based type is tolerated here.
    final ASN1String directText = (ASN1String) xmppAddr;
    return directText.getString();
}
/**
 * Adds the collected subject alternative names to a certificate builder.
 *
 * <p>Nothing is added when no names were collected. The extension is added with
 * the critical flag set to {@code false}.
 *
 * @param certGen the builder that receives the extension.
 * @throws CertIOException if the extension cannot be added.
 */
public void fillInto(X509v3CertificateBuilder certGen) throws CertIOException {
    if (sans.isEmpty()) {
        return;
    }
    final ASN1Encodable[] names = sans.toArray(new ASN1Encodable[0]);
    final DERSequence nameSequence = new DERSequence(names);
    certGen.addExtension(Extension.subjectAlternativeName, false, nameSequence);
}
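/**
 * Extracts the requested extensions from a CSR.
 *
 * <p>Each extensionRequest attribute is examined in order and the first value of
 * the first usable attribute is returned. Attributes with a missing or empty value
 * set are skipped instead of failing on the index lookup.
 *
 * <p>The returned extensions are whatever the requester put into the CSR; they
 * should be checked against issuance policy before being copied into a certificate.
 *
 * @param csr the certification request to inspect.
 * @return the requested extensions, or {@code null} when the CSR carries none in a
 *     recognised form.
 */
public static Extensions getExtensionsFromCSR(JcaPKCS10CertificationRequest csr) {
    final Attribute[] attributes = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    for (Attribute attribute : attributes) {
        final ASN1Set values = attribute.getAttrValues();
        // An empty SET would make getObjectAt(0) throw an index error.
        if (values == null || values.size() == 0) {
            continue;
        }
        final ASN1Encodable first = values.getObjectAt(0);
        if (first instanceof Extensions) {
            return (Extensions) first;
        }
        if (first instanceof DERSequence) {
            return Extensions.getInstance(first);
        }
    }
    return null;
}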
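/**
 * Renders an ASN.1 primitive as nested HTML tables.
 *
 * <p>Sequences and sets are rendered through {@code doCollection}, tagged objects
 * are unwrapped and rendered recursively, and every other value becomes a single
 * cell holding its text. That text comes from the encoded data, so it is
 * HTML-escaped before it is placed in the markup; output produced by nested calls
 * is already markup and is inserted as is.
 *
 * @param primitive the value to render; may be {@code null}.
 * @return an HTML fragment, or an empty string for {@code null} or ASN.1 NULL.
 * @throws IOException if a nested value cannot be rendered.
 */
private String doPrimitive(ASN1Primitive primitive) throws IOException {
    if (primitive == null || primitive instanceof ASN1Null) {
        return "";
    }
    if (primitive instanceof ASN1Sequence) {
        return doCollection(((ASN1Sequence) primitive).toArray());
    }
    if (primitive instanceof ASN1Set) {
        return doCollection(((ASN1Set) primitive).toArray());
    }
    if (primitive instanceof DERTaggedObject) {
        final DERTaggedObject tagged = (DERTaggedObject) primitive;
        // The first cell is left empty on purpose: the tag number is not displayed.
        return "<table><tr><td>" + "</td><td>" + doPrimitive(tagged.getObject()) + "</td></tr></table>";
    }
    return "<table><tr><td colspan='2'>" + escapeHtmlText(asString(primitive)) + "</td></tr></table>";
}

/** Replaces the characters that are significant in HTML with character references. */
private static String escapeHtmlText(String text) {
    final String source = String.valueOf(text);
    final StringBuilder escaped = new StringBuilder(source.length() + 16);
    for (int i = 0; i < source.length(); i++) {
        final char c = source.charAt(i);
        switch (c) {
            case '&':
                escaped.append("&amp;");
                break;
            case '<':
                escaped.append("&lt;");
                break;
            case '>':
                escaped.append("&gt;");
                break;
            case '"':
                escaped.append("&quot;");
                break;
            case '\'':
                escaped.append("&#39;");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}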
/**
 * Renders the elements of an ASN.1 collection as HTML tables.
 *
 * <p>One element gives a single full-width cell, two elements give one row with
 * two cells, and any other count gives one full-width table per element (an empty
 * array therefore gives an empty string).
 *
 * @param asn1Encodables the elements to render.
 * @return the HTML fragment for the collection.
 * @throws IOException if an element cannot be rendered.
 */
private String doCollection(ASN1Encodable[] asn1Encodables) throws IOException {
    final int count = asn1Encodables.length;

    if (count == 1) {
        final String only = doPrimitive(asn1Encodables[0].toASN1Primitive());
        return "<table><tr><td colspan='2'>" + only + "</td></tr></table>";
    }

    if (count == 2) {
        final String left = doPrimitive(asn1Encodables[0].toASN1Primitive());
        final String right = doPrimitive(asn1Encodables[1].toASN1Primitive());
        return "<table><tr><td>" + left + "</td>" + "<td>" + right + "</td></tr></table>";
    }

    // Any other count: one table per element.
    final StringBuilder rows = new StringBuilder();
    for (int i = 0; i < count; i++) {
        rows.append("<table><tr><td colspan='2'>");
        rows.append(doPrimitive(asn1Encodables[i].toASN1Primitive()));
        rows.append("</td></tr></table>");
    }
    return rows.toString();
}
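/**
 * Parses a SRVName value as specified by RFC 4985.
 *
 * This method parses the argument value as a DNS SRV Resource Record. Only when the parsed value refers to an XMPP
 * related service, the corresponding DNS domain name is returned (minus the service name).
 *
 * The service prefix is compared case-insensitively using locale-independent case folding, so the outcome does not
 * depend on the default locale of the JVM (under a Turkish locale, for example, 'I' does not lower-case to 'i').
 *
 * @param srvName The ASN.1 representation of the srvName value (cannot be null).
 * @return an XMPP address value, or null when the record does not relate to XMPP.
 */
protected String parseOtherNameDnsSrv( ASN1Primitive srvName )
{
    // RFC 4985 says that this should be a IA5 String. Lets be tolerant and allow all text-based values.
    final String value = ( (ASN1String) srvName ).getString();

    // Fold once, with a fixed locale: this value feeds an identity decision.
    final String folded = value.toLowerCase( java.util.Locale.ROOT );

    if ( folded.startsWith( "_xmpp-server." ) )
    {
        return value.substring( "_xmpp-server.".length() );
    }
    else if ( folded.startsWith( "_xmpp-client." ) )
    {
        return value.substring( "_xmpp-client.".length() );
    }
    else
    {
        // Not applicable to XMPP. Ignore.
        Log.debug( "srvName value '{}' of id-on-dnsSRV record is neither _xmpp-server nor _xmpp-client. It is being ignored.", value );
        return null;
    }
}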
/**
 * Sets the friendlyName bag attribute on the carrier.
 *
 * @param name the friendly name, stored as a BMPString.
 * @return this setter.
 */
public PKCS12BagAttributeSetter setFriendlyName(String name) {
    final DERBMPString encodedName = new DERBMPString(name);
    carrier.setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, encodedName);
    return this;
}
/**
 * Re-encodes a fixed-width signature blob as a DER sequence of two ASN.1 integers.
 *
 * <p>Bytes 0-19 are read as r and bytes 20-39 as s, each as an unsigned big-endian
 * number. The length of the blob is not checked here: {@code Arrays.copyOfRange}
 * zero-pads a range that runs past the end of the array and ignores bytes after
 * offset 40.
 *
 * @param sigBlob the signature blob holding r followed by s.
 * @return the DER-encoded {@code SEQUENCE { r, s }}.
 * @throws IOException if the sequence cannot be written.
 */
private byte[] asnEncode(byte[] sigBlob) throws IOException {
    final byte[] rField = Arrays.copyOfRange(sigBlob, 0, 20);
    final byte[] rBytes = new BigInteger(1, rField).toByteArray();
    final byte[] sField = Arrays.copyOfRange(sigBlob, 20, 40);
    final byte[] sBytes = new BigInteger(1, sField).toByteArray();

    final ASN1EncodableVector components = new ASN1EncodableVector();
    components.add(new ASN1Integer(rBytes));
    components.add(new ASN1Integer(sBytes));

    final ByteArrayOutputStream encoded = new ByteArrayOutputStream();
    final ASN1OutputStream derWriter = new ASN1OutputStream(encoded);
    derWriter.writeObject(new DERSequence(components));
    derWriter.flush();
    return encoded.toByteArray();
}
} // closes an enclosing scope opened outside this excerpt
/**
 * Parse a UPN value.
 *
 * <p>Only a tagged object whose content is a text-based ASN.1 type is accepted.
 * Anything else is reported at warn level, and that message includes the class
 * name and string form of the certificate-supplied value.
 *
 * @param value The ASN.1 representation of the UPN (cannot be null).
 * @return The parsed UPN value, or null when the value has an unexpected type.
 */
protected String parseOtherNameUpn( ASN1Primitive value ) {
    if (value instanceof ASN1TaggedObject) {
        final ASN1Primitive content = ((ASN1TaggedObject) value).getObject();
        if (content instanceof ASN1String) {
            final String upn = ((ASN1String) content).getString();
            if (upn != null) {
                Log.debug("UPN from certificate has value of: " + upn );
                return upn;
            }
        }
    }

    Log.warn("UPN type unexpected, UPN extraction failed: " + value.getClass().getName() + ":" + value.toString());
    return null;
}
} // closes an enclosing scope opened outside this excerpt