Java Code Examples for org.bouncycastle.asn1.ASN1OctetString#getInstance()

The following examples show how to use org.bouncycastle.asn1.ASN1OctetString#getInstance() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SFTrustManager.java    From snowflake-jdbc with Apache License 2.0 6 votes vote down vote up 
/**
 * Convert cache key to base64 encoded
 * cert id
 *
 * @param ocsp_cache_key Cache key to encode
 */
private static String encodeCacheKey(OcspResponseCacheKey ocsp_cache_key)
{
  try
  {
    DigestCalculator digest = new SHA1DigestCalculator();
    AlgorithmIdentifier algo = digest.getAlgorithmIdentifier();
    ASN1OctetString nameHash = ASN1OctetString.getInstance(ocsp_cache_key.nameHash);
    ASN1OctetString keyHash = ASN1OctetString.getInstance(ocsp_cache_key.keyHash);
    ASN1Integer snumber = new ASN1Integer(ocsp_cache_key.serialNumber);
    CertID cid = new CertID(algo, nameHash, keyHash, snumber);
    return Base64.encodeBase64String(cid.toASN1Primitive().getEncoded());
  }
  catch (Exception ex)
  {
    LOGGER.debug("Failed to encode cache key to base64 encoded cert id");
  }
  return null;
}
Example 2
Source File: SSDManager.java    From snowflake-jdbc with Apache License 2.0 6 votes vote down vote up 
SFTrustManager.OcspResponseCacheKey getWildCardCertId()
{
  DigestCalculator digest = new SFTrustManager.SHA1DigestCalculator();
  AlgorithmIdentifier algo = digest.getAlgorithmIdentifier();
  ASN1OctetString nameHash = ASN1OctetString.getInstance("0");
  ASN1OctetString keyHash = ASN1OctetString.getInstance("0");
  ASN1Integer serial_number = ASN1Integer.getInstance(0);
  CertID cid = new CertID(algo, nameHash, keyHash, serial_number);
  SFTrustManager.OcspResponseCacheKey keyOcspResp = null;
  try
  {
    keyOcspResp = new SFTrustManager.OcspResponseCacheKey(
        ASN1OctetString.getInstance("0").getEncoded(),
        ASN1OctetString.getInstance("0").getEncoded(),
        ASN1Integer.getInstance(0).getValue());
  }
  catch (Throwable ex)
  {
    LOGGER.debug("Could not create wildcard certid as cache key");
    keyOcspResp = null;
  }
  return keyOcspResp;
}
Example 3
Source File: SM2PublicKey.java    From gmhelper with Apache License 2.0 5 votes vote down vote up 
@Override
public byte[] getEncoded() {
    ASN1OctetString p = ASN1OctetString.getInstance(
        new X9ECPoint(getQ(), withCompression).toASN1Primitive());

    // stored curve is null if ImplicitlyCa
    SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, ID_SM2_PUBKEY_PARAM),
        p.getOctets());

    return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
}
Example 4
Source File: SFTrustManager.java    From snowflake-jdbc with Apache License 2.0 5 votes vote down vote up 
/**
 * Encode OCSP Response Cache to JSON
 *
 * @return JSON object
 */
private static ObjectNode encodeCacheToJSON()
{
  try
  {
    ObjectNode out = OBJECT_MAPPER.createObjectNode();
    for (Map.Entry<OcspResponseCacheKey, SFPair<Long, String>> elem :
        OCSP_RESPONSE_CACHE.entrySet())
    {
      OcspResponseCacheKey key = elem.getKey();
      SFPair<Long, String> value0 = elem.getValue();
      long currentTimeSecond = value0.left;

      DigestCalculator digest = new SHA1DigestCalculator();
      AlgorithmIdentifier algo = digest.getAlgorithmIdentifier();
      ASN1OctetString nameHash = ASN1OctetString.getInstance(key.nameHash);
      ASN1OctetString keyHash = ASN1OctetString.getInstance(key.keyHash);
      ASN1Integer serialNumber = new ASN1Integer(key.serialNumber);
      CertID cid = new CertID(algo, nameHash, keyHash, serialNumber);
      ArrayNode vout = OBJECT_MAPPER.createArrayNode();
      vout.add(currentTimeSecond);
      vout.add(value0.right);
      out.set(
          Base64.encodeBase64String(cid.toASN1Primitive().getEncoded()),
          vout);
    }
    return out;
  }
  catch (IOException ex)
  {
    LOGGER.debug("Failed to encode ASN1 object.");
  }
  return null;
}
Example 5
Source File: HFCAClientIT.java    From fabric-sdk-java with Apache License 2.0 4 votes vote down vote up 
@Test
public void testCertificateRevoke() throws Exception {

    SampleUser user = getTestUser(TEST_USER1_ORG);

    if (!user.isRegistered()) {
        RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
        String password = "testUserRevoke";
        rr.setSecret(password);
        rr.addAttribute(new Attribute("user.role", "department lead"));
        rr.addAttribute(new Attribute(HFCAClient.HFCA_ATTRIBUTE_HFREVOKER, "true"));
        user.setEnrollmentSecret(client.register(rr, admin)); // Admin can register other users.
        if (!user.getEnrollmentSecret().equals(password)) {
            fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
        }
    }

    if (!user.isEnrolled()) {
        EnrollmentRequest req = new EnrollmentRequest(DEFAULT_PROFILE_NAME, "label 2", null);
        req.addHost("example3.ibm.com");
        user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret(), req));
    }

    // verify
    String cert = user.getEnrollment().getCert();

    BufferedInputStream pem = new BufferedInputStream(new ByteArrayInputStream(cert.getBytes()));
    CertificateFactory certFactory = CertificateFactory.getInstance(Config.getConfig().getCertificateFormat());
    X509Certificate certificate = (X509Certificate) certFactory.generateCertificate(pem);

    // get its serial number
    String serial = DatatypeConverter.printHexBinary(certificate.getSerialNumber().toByteArray());

    // get its aki
    // 2.5.29.35 : AuthorityKeyIdentifier
    byte[] extensionValue = certificate.getExtensionValue(Extension.authorityKeyIdentifier.getId());
    ASN1OctetString akiOc = ASN1OctetString.getInstance(extensionValue);
    String aki = DatatypeConverter.printHexBinary(AuthorityKeyIdentifier.getInstance(akiOc.getOctets()).getKeyIdentifier());

    int startedWithRevokes = -1;

    if (!testConfig.isRunningAgainstFabric10()) {
        Thread.sleep(1000); //prevent clock skewing. make sure we request started with revokes.
        startedWithRevokes = getRevokes(null).length; //one more after we do this revoke.
        Thread.sleep(1000); //prevent clock skewing. make sure we request started with revokes.
    }

    // revoke all enrollment of this user
    client.revoke(admin, serial, aki, "revoke certificate");
    if (!testConfig.isRunningAgainstFabric10()) {

        final int newRevokes = getRevokes(null).length;

        assertEquals(format("Expected one more revocation %d, but got %d", startedWithRevokes + 1, newRevokes), startedWithRevokes + 1, newRevokes);
    }
}
Example 6
Source File: CertificateModel.java    From Spark with Apache License 2.0 4 votes vote down vote up 
private String policyMappingsExtractor(X509Certificate cert) {
	ASN1OctetString oct = ASN1OctetString.getInstance(cert.getExtensionValue(Extension.policyMappings.toString()));
	return oct.toString();
}
Example 7
Source File: Asn1Dump.java    From keystore-explorer with GNU General Public License v3.0 3 votes vote down vote up 
/**
 * Get dump of the supplied X.509 extension.
 *
 * @param extension
 *            X.509 extension
 * @return Dump of extension
 * @throws Asn1Exception
 *             A problem was encountered getting the ASN.1 dump
 * @throws IOException
 *             If an I/O problem occurred
 */
public String dump(X509Ext extension) throws Asn1Exception, IOException {
	try {
		ASN1OctetString octetString = ASN1OctetString.getInstance(extension.getValue());
		byte[] octets = octetString.getOctets();

		return dump(octets);
	} catch (IOException ex) {
		throw new Asn1Exception(res.getString("NoAsn1DumpObject.exception.message"), ex);
	}
}