org.bouncycastle.asn1.x509.IssuerSerial Java Examples
The following examples show how to use
org.bouncycastle.asn1.x509.IssuerSerial.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SigningCertificate.java From signer with GNU Lesser General Public License v3.0 | 6 votes |
|
@Override
public Attribute getValue() {
try {
X509Certificate cert = (X509Certificate) certificates[0];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_1);
byte[] hash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(cert.getSubjectDN().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serial = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serial);
ESSCertID essCertId = new ESSCertID(hash, issuerSerial);
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(new ASN1Encodable[]{new DERSequence(essCertId), new DERSequence(DERNull.INSTANCE)})));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
Example #2
| Source File: SigningCertificateV2.java From signer with GNU Lesser General Public License v3.0 | 6 votes |
|
@Override
public Attribute getValue() throws SignerException {
try {
X509Certificate cert = (X509Certificate) certificates[0];
X509Certificate issuerCert = (X509Certificate) certificates[1];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
byte[] certHash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);// SHA-256
ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
// return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(
new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
Example #3
| Source File: XAdESCertificateRefExtractionUtils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
private static CertificateIdentifier getCertificateIdentifierV2(Element certRefElement, XAdESPaths xadesPaths) {
final Element issuerSerialV2Element = DomUtils.getElement(certRefElement, xadesPaths.getCurrentIssuerSerialV2Path());
if (issuerSerialV2Element == null) {
// Tag issuerSerialV2 is optional
return null;
}
final String textContent = issuerSerialV2Element.getTextContent();
IssuerSerial issuerSerial = DSSASN1Utils.getIssuerSerial(Utils.fromBase64(textContent));
return DSSASN1Utils.toCertificateIdentifier(issuerSerial);
}
Example #4
| Source File: XAdESBuilder.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
protected void incorporateIssuerV2(final Element parentDom, final CertificateToken certificate) {
final Element issuerSerialDom = DomUtils.addElement(documentDom, parentDom, getXadesNamespace(), getCurrentXAdESElements().getElementIssuerSerialV2());
IssuerSerial issuerSerial = DSSASN1Utils.getIssuerSerial(certificate);
String issuerBase64 = Utils.toBase64(DSSASN1Utils.getDEREncoded(issuerSerial));
DomUtils.setTextNode(documentDom, issuerSerialDom, issuerBase64);
}
Example #5
| Source File: IssuerV2Test.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
@Test
public void test() throws IOException {
String certB64 = "MIIFeDCCBGCgAwIBAgIHAJAJnM9KvzANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJGUjENMAsGA1UEChMERVRTSTEcMBoGA1UECwwTUGx1Z3Rlc3RzXzIwMTUtMjAxNjETMBEGA1UEAxMKTGV2ZWxCQ0FPSzAeFw0xNjExMDkxNDQzNTNaFw0xNzAyMDkxNDQzNTNaMGExCzAJBgNVBAYTAkhVMRQwEgYDVQQKEwtkZXZlbG9wbWVudDERMA8GA1UEBBMIQ3pla21hbnkxDzANBgNVBCoTBkJhbGF6czEYMBYGA1UEAxMPQmFsYXpzIEN6ZWttYW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje9XQHZkVc+7Z6wvi9qWB6Dsfg9/9tRzbzwVEIIBQ0y7l6FWPQUjrIjrSPX1CvSNAufimJRCdsOkZoqZTxax+iRE8eVUOWjXZgfhhZzO10BBZsFY2o1sMwMR3QeYTvMuK5ltnNSlp0fegntNLU/vub4vI+YMfaFc0CfbRuhxnF/3+unOuBe2hLskn9IzlKrLVJg4R2oC7oH7nqYnnI5SemJKpNL/SniyNgewSSeY5/g7qZ2k+Ua3f51IiWnKMAQhzSIQSB1L+HsPtzv2NzYDmmqFmWGvEonQlpfz87EfgP16vP6wT3HIxe5r2Ufn7YwOIYpwTTEWnyWdGMaG3ImdMwIDAQABo4ICRTCCAkEwDgYDVR0PAQH/BAQDAgeAMIIBCgYIKwYBBQUHAQEEgf0wgfowRwYIKwYBBQUHMAKGO2h0dHA6Ly9lc2lnLXBvcnRhbC5ldHNpLm9yZy9jYXBzby9jZXJ0cy9TQ09LL0xldmVsQkNBT0suY2VyMG0GCCsGAQUFBzAChmFsZGFwOi8vZXNpZy1wb3J0YWwuZXRzaS5vcmcvQ049TGV2ZWxCQ0FPSyxPVT1QbHVndGVzdHNfMjAxNi0yMDE3LE89RVRTSSxDPUZSP2NBQ2VydGlmaWNhdGU7YmluYXJ5MEAGCCsGAQUFBzABhjRodHRwOi8vZXNpZy1wb3J0YWwuZXRzaS5vcmcvY2Fwc28vb2NzcD9jYT1MZXZlbEJDQU9LMB8GA1UdIwQYMBaAFChS6qb2PY61Xi7tip03rqP7Xg0QMIG/BgNVHR8EgbcwgbQwgbGgga6ggauGbWxkYXA6Ly9lc2lnLXBvcnRhbC5ldHNpLm9yZy9DTj1MZXZlbEJDQU9LLE9VPVBsdWd0ZXN0c18yMDE2LTIwMTcsTz1FVFNJLEM9RlI/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDtiaW5hcnmGOmh0dHA6Ly9lc2lnLXBvcnRhbC5ldHNpLm9yZy9jYXBzby9jcmxzL1NDT0stTGV2ZWxCQ0FPSy5jcmwwHwYDVR0RBBgwFoEUY3pla21hbnlAbWljcm9zZWMuaHUwHQYDVR0OBBYEFMqOCLybW2+yshHgmaNDY0DuyK0eMA0GCSqGSIb3DQEBCwUAA4IBAQA0VsA19UiNIXTWOi5kZS9OeNNWen59UVaM4YpUzVbuViASA+S6dGvJO0hXFeZouou4VHUaHq/l8h8TR/1nsJCnMbaTa8tPt46ThNtGmn0lVm0AavU4NzDPo5t0LLgkGL78mFYUmY3ZHOOehSkLfU5GdLrRKziCXbTaPK0TxTj+eQuVOarIo9wo+cjmGOs42pfSlfpSSOxQ+iO3mdbVhCJWK+demryqnZRkmI+BsQdMi/i9+92kWaripzYUaOTzHqRwtrHvefDQNjDkA/oAZ78d/zMG88hnXfMAiVGg4ZfNjW1sic8ffKxHpSskjBTr7VBin32/Lqc+XIUFM1hB+jBO";
CertificateToken certificate = DSSUtils.loadCertificateFromBase64EncodedString(certB64);
assertNotNull(certificate);
IssuerSerial issuerSerial = DSSASN1Utils.getIssuerSerial(certificate);
String b64 = Utils.toBase64(DSSASN1Utils.getDEREncoded(issuerSerial));
assertEquals("MF4wU6RRME8xCzAJBgNVBAYTAkZSMQ0wCwYDVQQKEwRFVFNJMRwwGgYDVQQLDBNQbHVndGVzdHNfMjAxNS0yMDE2MRMwEQYDVQQDEwpMZXZlbEJDQU9LAgcAkAmcz0q/", b64);
}
Example #6
| Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
/**
* This method returns a new IssuerSerial based on the certificate token
*
* @param certToken
* the certificate token
* @return a IssuerSerial
*/
public static IssuerSerial getIssuerSerial(final CertificateToken certToken) {
final X500Name issuerX500Name = getX509CertificateHolder(certToken).getIssuer();
final GeneralName generalName = new GeneralName(issuerX500Name);
final GeneralNames generalNames = new GeneralNames(generalName);
final BigInteger serialNumber = certToken.getCertificate().getSerialNumber();
return new IssuerSerial(generalNames, serialNumber);
}
Example #7
| Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
public static IssuerSerial getIssuerSerial(byte[] binaries) {
try (ASN1InputStream is = new ASN1InputStream(binaries)) {
ASN1Sequence seq = (ASN1Sequence) is.readObject();
return IssuerSerial.getInstance(seq);
} catch (Exception e) {
LOG.error("Unable to decode IssuerSerialV2 textContent '{}' : {}", Utils.toBase64(binaries), e.getMessage(), e);
return null;
}
}
Example #8
| Source File: DSSASN1Utils.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
/**
* Transforms an object of class {@code IssuerSerial} into instance of
* {@code CertificateIdentifier}
*
* @param issuerAndSerial {@link IssuerSerial} to transform
* @return {@link CertificateIdentifier}
*/
public static CertificateIdentifier toCertificateIdentifier(IssuerSerial issuerAndSerial) {
if (issuerAndSerial == null) {
return null;
}
try {
CertificateIdentifier certificateIdentifier = new CertificateIdentifier();
GeneralNames gnames = issuerAndSerial.getIssuer();
if (gnames != null) {
GeneralName[] names = gnames.getNames();
if (names.length == 1) {
certificateIdentifier.setIssuerName(new X500Principal(names[0].getName().toASN1Primitive().getEncoded(ASN1Encoding.DER)));
} else {
LOG.warn("More than one GeneralName");
}
}
ASN1Integer serialNumber = issuerAndSerial.getSerial();
if (serialNumber != null) {
certificateIdentifier.setSerialNumber(serialNumber.getValue());
}
return certificateIdentifier;
} catch (Exception e) {
LOG.error("Unable to read the IssuerSerial object", e);
return null;
}
}
Example #9
| Source File: CertificateIdentifier.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
/**
* Returns DER-encoded IssuerSerial representation of the object.
* NOTE: the issuerName and SerialNumber must be defined! Returns null in the opposite case
*
* @return a byte array of the encoded IssuerSerial
*/
public byte[] getIssuerSerialEncoded() {
if (issuerName != null && serialNumber != null) {
final X500Name issuerX500Name = X500Name.getInstance(issuerName.getEncoded());
final GeneralName generalName = new GeneralName(issuerX500Name);
final GeneralNames generalNames = new GeneralNames(generalName);
IssuerSerial issuerSerial = new IssuerSerial(generalNames, serialNumber);
return DSSASN1Utils.getDEREncoded(issuerSerial);
}
return null;
}
Example #10
| Source File: DSSASN1UtilsTest.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
@Test
public void getIssuerSerialFromCert() {
IssuerSerial issuerSerial = DSSASN1Utils.getIssuerSerial(certificateWithAIA);
assertNotNull(issuerSerial);
assertNotNull(issuerSerial.getIssuer());
assertNotNull(issuerSerial.getSerial());
}
Example #11
| Source File: DSSASN1UtilsTest.java From dss with GNU Lesser General Public License v2.1 | 5 votes |
|
@Test
public void getIssuerInfo() {
String issuerV2base64 = "MFYwUaRPME0xEDAOBgNVBAMMB2dvb2QtY2ExGTAXBgNVBAoMEE5vd2luYSBTb2x1dGlvbnMxETAPBgNVBAsMCFBLSS1URVNUMQswCQYDVQQGEwJMVQIBCg==";
IssuerSerial issuerInfo = DSSASN1Utils.getIssuerSerial(Utils.fromBase64(issuerV2base64));
assertNotNull(issuerInfo);
assertNotNull(issuerInfo.getIssuer());
assertNotNull(issuerInfo.getSerial());
}
Example #12
| Source File: X509Ext.java From keystore-explorer with GNU General Public License v3.0 | 4 votes |
|
private String getProcurationStringValue(byte[] octets) throws IOException {
// @formatter:off
/*
ProcurationSyntax ::= SEQUENCE
{
country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
typeOfSubstitution [2] EXPLICIT DirectoryString(SIZE(1..128)) OPTIONAL,
signingFor [3] EXPLICIT SigningFor
}
SigningFor ::= CHOICE
{
thirdPerson GeneralName,
certRef IssuerSerial
}
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
ProcurationSyntax procurationSyntax = ProcurationSyntax.getInstance(octets);
String country = procurationSyntax.getCountry();
DirectoryString typeOfSubstitution = procurationSyntax.getTypeOfSubstitution();
GeneralName thirdPerson = procurationSyntax.getThirdPerson();
IssuerSerial certRef = procurationSyntax.getCertRef();
if (country != null) {
sb.append(MessageFormat.format(res.getString("Procuration.Country"), country));
sb.append(NEWLINE);
}
if (typeOfSubstitution != null) {
sb.append(MessageFormat.format(res.getString("Procuration.TypeOfSubstitution"),
typeOfSubstitution.toString()));
sb.append(NEWLINE);
}
if (thirdPerson != null) {
sb.append(MessageFormat.format(res.getString("Procuration.ThirdPerson"),
GeneralNameUtil.toString(thirdPerson)));
sb.append(NEWLINE);
}
if (certRef != null) {
sb.append(res.getString("Procuration.CertRef"));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(res.getString("Procuration.CertRef.Issuer"));
for (GeneralName generalName : certRef.getIssuer().getNames()) {
sb.append(INDENT);
sb.append(INDENT);
sb.append(GeneralNameUtil.toString(generalName));
sb.append(NEWLINE);
}
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("Procuration.CertRef.SN"),
HexUtil.getHexString(certRef.getSerial().getValue())));
sb.append(NEWLINE);
}
return sb.toString();
}
