Java Code Examples for sun.security.util.DerValue#tag_Sequence()
The following examples show how to use
sun.security.util.DerValue#tag_Sequence() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: DSA.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
|
/**
* Sign all the data thus far updated. The signature is formatted
* according to the Canonical Encoding Rules, returned as a DER
* sequence of Integer, r and s.
*
* @return a signature block formatted according to the Canonical
* Encoding Rules.
*
* @exception SignatureException if the signature object was not
* properly initialized, or if another exception occurs.
*
* @see sun.security.DSA#engineUpdate
* @see sun.security.DSA#engineVerify
*/
protected byte[] engineSign() throws SignatureException {
BigInteger k = generateK(presetQ);
BigInteger r = generateR(presetP, presetQ, presetG, k);
BigInteger s = generateS(presetX, presetQ, r, k);
try {
DerOutputStream outseq = new DerOutputStream(100);
outseq.putInteger(r);
outseq.putInteger(s);
DerValue result = new DerValue(DerValue.tag_Sequence,
outseq.toByteArray());
return result.toByteArray();
} catch (IOException e) {
throw new SignatureException("error encoding signature");
}
}
Example 2
| Source File: ECPrivateKeyImpl.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
|
/**
* Construct a key from its components. Used by the
* KeyFactory.
*/
ECPrivateKeyImpl(BigInteger s, ECParameterSpec params)
throws InvalidKeyException {
this.s = s;
this.params = params;
// generate the encoding
algid = new AlgorithmId
(AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(params));
try {
DerOutputStream out = new DerOutputStream();
out.putInteger(1); // version 1
byte[] privBytes = ECUtil.trimZeroes(s.toByteArray());
out.putOctetString(privBytes);
DerValue val =
new DerValue(DerValue.tag_Sequence, out.toByteArray());
key = val.toByteArray();
} catch (IOException exc) {
// should never occur
throw new InvalidKeyException(exc);
}
}
Example 3
| Source File: CertificatePoliciesExtension.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
|
/**
* Create the extension from its DER encoded value and criticality.
*
* @param critical true if the extension is to be treated as critical.
* @param value an array of DER encoded bytes of the actual value.
* @exception ClassCastException if value is not an array of bytes
* @exception IOException on error.
*/
public CertificatePoliciesExtension(Boolean critical, Object value)
throws IOException {
this.extensionId = PKIXExtensions.CertificatePolicies_Id;
this.critical = critical.booleanValue();
this.extensionValue = (byte[]) value;
DerValue val = new DerValue(this.extensionValue);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding for " +
"CertificatePoliciesExtension.");
}
certPolicies = new ArrayList<PolicyInformation>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
PolicyInformation policy = new PolicyInformation(seq);
certPolicies.add(policy);
}
}
Example 4
| Source File: ExtendedKeyUsageExtension.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
|
/**
* Create the extension from its DER encoded value and criticality.
*
* @param critical true if the extension is to be treated as critical.
* @param value an array of DER encoded bytes of the actual value.
* @exception ClassCastException if value is not an array of bytes
* @exception IOException on error.
*/
public ExtendedKeyUsageExtension(Boolean critical, Object value)
throws IOException {
this.extensionId = PKIXExtensions.ExtendedKeyUsage_Id;
this.critical = critical.booleanValue();
this.extensionValue = (byte[]) value;
DerValue val = new DerValue(this.extensionValue);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding for " +
"ExtendedKeyUsageExtension.");
}
keyUsages = new Vector<ObjectIdentifier>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
ObjectIdentifier usage = seq.getOID();
keyUsages.addElement(usage);
}
}
Example 5
| Source File: PolicyInformation.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
/**
* Create an instance of PolicyInformation, decoding from
* the passed DerValue.
*
* @param val the DerValue to construct the PolicyInformation from.
* @exception IOException on decoding errors.
*/
public PolicyInformation(DerValue val) throws IOException {
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding of PolicyInformation");
}
policyIdentifier = new CertificatePolicyId(val.data.getDerValue());
if (val.data.available() != 0) {
policyQualifiers = new LinkedHashSet<PolicyQualifierInfo>();
DerValue opt = val.data.getDerValue();
if (opt.tag != DerValue.tag_Sequence)
throw new IOException("Invalid encoding of PolicyInformation");
if (opt.data.available() == 0)
throw new IOException("No data available in policyQualifiers");
while (opt.data.available() != 0)
policyQualifiers.add(new PolicyQualifierInfo
(opt.data.getDerValue().toByteArray()));
} else {
policyQualifiers = Collections.emptySet();
}
}
Example 6
| Source File: DSA.java From jdk8u60 with GNU General Public License v2.0 | 6 votes |
|
/**
* Sign all the data thus far updated. The signature is formatted
* according to the Canonical Encoding Rules, returned as a DER
* sequence of Integer, r and s.
*
* @return a signature block formatted according to the Canonical
* Encoding Rules.
*
* @exception SignatureException if the signature object was not
* properly initialized, or if another exception occurs.
*
* @see sun.security.DSA#engineUpdate
* @see sun.security.DSA#engineVerify
*/
protected byte[] engineSign() throws SignatureException {
BigInteger k = generateK(presetQ);
BigInteger r = generateR(presetP, presetQ, presetG, k);
BigInteger s = generateS(presetX, presetQ, r, k);
try {
DerOutputStream outseq = new DerOutputStream(100);
outseq.putInteger(r);
outseq.putInteger(s);
DerValue result = new DerValue(DerValue.tag_Sequence,
outseq.toByteArray());
return result.toByteArray();
} catch (IOException e) {
throw new SignatureException("error encoding signature");
}
}
Example 7
| Source File: SubjectInfoAccessExtension.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
|
/**
* Create the extension from the passed DER encoded value of the same.
*
* @param critical true if the extension is to be treated as critical.
* @param value Array of DER encoded bytes of the actual value.
* @exception IOException on error.
*/
public SubjectInfoAccessExtension(Boolean critical, Object value)
throws IOException {
this.extensionId = PKIXExtensions.SubjectInfoAccess_Id;
this.critical = critical.booleanValue();
if (!(value instanceof byte[])) {
throw new IOException("Illegal argument type");
}
extensionValue = (byte[])value;
DerValue val = new DerValue(extensionValue);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding for " +
"SubjectInfoAccessExtension.");
}
accessDescriptions = new ArrayList<AccessDescription>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
AccessDescription accessDescription = new AccessDescription(seq);
accessDescriptions.add(accessDescription);
}
}
Example 8
| Source File: SubjectInfoAccessExtension.java From jdk8u_jdk with GNU General Public License v2.0 | 6 votes |
|
/**
* Create the extension from the passed DER encoded value of the same.
*
* @param critical true if the extension is to be treated as critical.
* @param value Array of DER encoded bytes of the actual value.
* @exception IOException on error.
*/
public SubjectInfoAccessExtension(Boolean critical, Object value)
throws IOException {
this.extensionId = PKIXExtensions.SubjectInfoAccess_Id;
this.critical = critical.booleanValue();
if (!(value instanceof byte[])) {
throw new IOException("Illegal argument type");
}
extensionValue = (byte[])value;
DerValue val = new DerValue(extensionValue);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding for " +
"SubjectInfoAccessExtension.");
}
accessDescriptions = new ArrayList<AccessDescription>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
AccessDescription accessDescription = new AccessDescription(seq);
accessDescriptions.add(accessDescription);
}
}
Example 9
| Source File: SigningCertificateInfo.java From Bytecoder with Apache License 2.0 | 6 votes |
|
public void parse(byte[] bytes) throws IOException {
// Parse signingCertificate
DerValue derValue = new DerValue(bytes);
if (derValue.tag != DerValue.tag_Sequence) {
throw new IOException("Bad encoding for signingCertificate");
}
// Parse certs
DerValue[] certs = derValue.data.getSequence(1);
certId = new ESSCertId[certs.length];
for (int i = 0; i < certs.length; i++) {
certId[i] = new ESSCertId(certs[i]);
}
// Parse policies, if present
if (derValue.data.available() > 0) {
DerValue[] policies = derValue.data.getSequence(1);
for (int i = 0; i < policies.length; i++) {
// parse PolicyInformation
}
}
}
Example 10
| Source File: ExtendedKeyUsageExtension.java From openjdk-8 with GNU General Public License v2.0 | 6 votes |
|
/**
* Create the extension from its DER encoded value and criticality.
*
* @param critical true if the extension is to be treated as critical.
* @param value an array of DER encoded bytes of the actual value.
* @exception ClassCastException if value is not an array of bytes
* @exception IOException on error.
*/
public ExtendedKeyUsageExtension(Boolean critical, Object value)
throws IOException {
this.extensionId = PKIXExtensions.ExtendedKeyUsage_Id;
this.critical = critical.booleanValue();
this.extensionValue = (byte[]) value;
DerValue val = new DerValue(this.extensionValue);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding for " +
"ExtendedKeyUsageExtension.");
}
keyUsages = new Vector<ObjectIdentifier>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
ObjectIdentifier usage = seq.getOID();
keyUsages.addElement(usage);
}
}
Example 11
| Source File: CertificatePoliciesExtension.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
/**
* Create the extension from its DER encoded value and criticality.
*
* @param critical true if the extension is to be treated as critical.
* @param value an array of DER encoded bytes of the actual value.
* @exception ClassCastException if value is not an array of bytes
* @exception IOException on error.
*/
public CertificatePoliciesExtension(Boolean critical, Object value)
throws IOException {
this.extensionId = PKIXExtensions.CertificatePolicies_Id;
this.critical = critical.booleanValue();
this.extensionValue = (byte[]) value;
DerValue val = new DerValue(this.extensionValue);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding for " +
"CertificatePoliciesExtension.");
}
certPolicies = new ArrayList<PolicyInformation>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
PolicyInformation policy = new PolicyInformation(seq);
certPolicies.add(policy);
}
}
Example 12
| Source File: SigningCertificateInfo.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
|
public void parse(byte[] bytes) throws IOException {
// Parse signingCertificate
DerValue derValue = new DerValue(bytes);
if (derValue.tag != DerValue.tag_Sequence) {
throw new IOException("Bad encoding for signingCertificate");
}
// Parse certs
DerValue[] certs = derValue.data.getSequence(1);
certId = new ESSCertId[certs.length];
for (int i = 0; i < certs.length; i++) {
certId[i] = new ESSCertId(certs[i]);
}
// Parse policies, if present
if (derValue.data.available() > 0) {
DerValue[] policies = derValue.data.getSequence(1);
for (int i = 0; i < policies.length; i++) {
// parse PolicyInformation
}
}
}
Example 13
| Source File: PolicyQualifierInfo.java From jdk1.8-source-analysis with Apache License 2.0 | 6 votes |
|
/**
* Creates an instance of {@code PolicyQualifierInfo} from the
* encoded bytes. The encoded byte array is copied on construction.
*
* @param encoded a byte array containing the qualifier in DER encoding
* @exception IOException thrown if the byte array does not represent a
* valid and parsable policy qualifier
*/
public PolicyQualifierInfo(byte[] encoded) throws IOException {
mEncoded = encoded.clone();
DerValue val = new DerValue(mEncoded);
if (val.tag != DerValue.tag_Sequence)
throw new IOException("Invalid encoding for PolicyQualifierInfo");
mId = (val.data.getDerValue()).getOID().toString();
byte [] tmp = val.data.toByteArray();
if (tmp == null) {
mData = null;
} else {
mData = new byte[tmp.length];
System.arraycopy(tmp, 0, mData, 0, tmp.length);
}
}
Example 14
| Source File: X509CertSelectorTest.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
private ObjectIdentifier getCertPubKeyAlgOID(X509Certificate xcert) throws IOException {
byte[] encodedKey = xcert.getPublicKey().getEncoded();
DerValue val = new DerValue(encodedKey);
if (val.tag != DerValue.tag_Sequence) {
throw new RuntimeException("invalid key format");
}
return AlgorithmId.parse(val.data.getDerValue()).getOID();
}
Example 15
| Source File: X509CertSelector.java From hottub with GNU General Public License v2.0 | 5 votes |
|
private boolean matchSubjectPublicKeyAlgID(X509Certificate xcert) {
if (subjectPublicKeyAlgID == null) {
return true;
}
try {
byte[] encodedKey = xcert.getPublicKey().getEncoded();
DerValue val = new DerValue(encodedKey);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("invalid key format");
}
AlgorithmId algID = AlgorithmId.parse(val.data.getDerValue());
if (debug != null) {
debug.println("X509CertSelector.match: subjectPublicKeyAlgID = "
+ subjectPublicKeyAlgID + ", xcert subjectPublicKeyAlgID = "
+ algID.getOID());
}
if (!subjectPublicKeyAlgID.equals((Object)algID.getOID())) {
if (debug != null) {
debug.println("X509CertSelector.match: "
+ "subject public key alg IDs don't match");
}
return false;
}
} catch (IOException e5) {
if (debug != null) {
debug.println("X509CertSelector.match: IOException in subject "
+ "public key algorithm OID check");
}
return false;
}
return true;
}
Example 16
| Source File: X509CertSelector.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
|
private boolean matchSubjectPublicKeyAlgID(X509Certificate xcert) {
if (subjectPublicKeyAlgID == null) {
return true;
}
try {
byte[] encodedKey = xcert.getPublicKey().getEncoded();
DerValue val = new DerValue(encodedKey);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("invalid key format");
}
AlgorithmId algID = AlgorithmId.parse(val.data.getDerValue());
if (debug != null) {
debug.println("X509CertSelector.match: subjectPublicKeyAlgID = "
+ subjectPublicKeyAlgID + ", xcert subjectPublicKeyAlgID = "
+ algID.getOID());
}
if (!subjectPublicKeyAlgID.equals((Object)algID.getOID())) {
if (debug != null) {
debug.println("X509CertSelector.match: "
+ "subject public key alg IDs don't match");
}
return false;
}
} catch (IOException e5) {
if (debug != null) {
debug.println("X509CertSelector.match: IOException in subject "
+ "public key algorithm OID check");
}
return false;
}
return true;
}
Example 17
| Source File: TimestampToken.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
private void parse(byte[] timestampTokenInfo) throws IOException {
DerValue tstInfo = new DerValue(timestampTokenInfo);
if (tstInfo.tag != DerValue.tag_Sequence) {
throw new IOException("Bad encoding for timestamp token info");
}
// Parse version
version = tstInfo.data.getInteger();
// Parse policy
policy = tstInfo.data.getOID();
// Parse messageImprint
DerValue messageImprint = tstInfo.data.getDerValue();
hashAlgorithm = AlgorithmId.parse(messageImprint.data.getDerValue());
hashedMessage = messageImprint.data.getOctetString();
// Parse serialNumber
serialNumber = tstInfo.data.getBigInteger();
// Parse genTime
genTime = tstInfo.data.getGeneralizedTime();
// Parse optional elements, if present
while (tstInfo.data.available() > 0) {
DerValue d = tstInfo.data.getDerValue();
if (d.tag == DerValue.tag_Integer) { // must be the nonce
nonce = d.getBigInteger();
break;
}
// Additional fields:
// Parse accuracy
// Parse ordering
// Parse tsa
// Parse extensions
}
}
Example 18
| Source File: DistributionPoint.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
|
/**
* Create the object from the passed DER encoded form.
*
* @param val the DER encoded form of the DistributionPoint
* @throws IOException on error
*/
public DistributionPoint(DerValue val) throws IOException {
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding of DistributionPoint.");
}
// Note that all the fields in DistributionPoint are defined as
// being OPTIONAL, i.e., there could be an empty SEQUENCE, resulting
// in val.data being null.
while ((val.data != null) && (val.data.available() != 0)) {
DerValue opt = val.data.getDerValue();
if (opt.isContextSpecific(TAG_DIST_PT) && opt.isConstructed()) {
if ((fullName != null) || (relativeName != null)) {
throw new IOException("Duplicate DistributionPointName in "
+ "DistributionPoint.");
}
DerValue distPnt = opt.data.getDerValue();
if (distPnt.isContextSpecific(TAG_FULL_NAME)
&& distPnt.isConstructed()) {
distPnt.resetTag(DerValue.tag_Sequence);
fullName = new GeneralNames(distPnt);
} else if (distPnt.isContextSpecific(TAG_REL_NAME)
&& distPnt.isConstructed()) {
distPnt.resetTag(DerValue.tag_Set);
relativeName = new RDN(distPnt);
} else {
throw new IOException("Invalid DistributionPointName in "
+ "DistributionPoint");
}
} else if (opt.isContextSpecific(TAG_REASONS)
&& !opt.isConstructed()) {
if (reasonFlags != null) {
throw new IOException("Duplicate Reasons in " +
"DistributionPoint.");
}
opt.resetTag(DerValue.tag_BitString);
reasonFlags = (opt.getUnalignedBitString()).toBooleanArray();
} else if (opt.isContextSpecific(TAG_ISSUER)
&& opt.isConstructed()) {
if (crlIssuer != null) {
throw new IOException("Duplicate CRLIssuer in " +
"DistributionPoint.");
}
opt.resetTag(DerValue.tag_Sequence);
crlIssuer = new GeneralNames(opt);
} else {
throw new IOException("Invalid encoding of " +
"DistributionPoint.");
}
}
if ((crlIssuer == null) && (fullName == null) && (relativeName == null)) {
throw new IOException("One of fullName, relativeName, "
+ " and crlIssuer has to be set");
}
}
Example 19
| Source File: IssuingDistributionPointExtension.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
/**
* Creates a critical IssuingDistributionPointExtension from its
* DER-encoding.
*
* @param critical true if the extension is to be treated as critical.
* @param value the DER-encoded value. It must be a <code>byte[]</code>.
* @exception IOException on decoding error.
*/
public IssuingDistributionPointExtension(Boolean critical, Object value)
throws IOException {
this.extensionId = PKIXExtensions.IssuingDistributionPoint_Id;
this.critical = critical.booleanValue();
if (!(value instanceof byte[])) {
throw new IOException("Illegal argument type");
}
extensionValue = (byte[])value;
DerValue val = new DerValue(extensionValue);
if (val.tag != DerValue.tag_Sequence) {
throw new IOException("Invalid encoding for " +
"IssuingDistributionPointExtension.");
}
// All the elements in issuingDistributionPoint are optional
if ((val.data == null) || (val.data.available() == 0)) {
return;
}
DerInputStream in = val.data;
while (in != null && in.available() != 0) {
DerValue opt = in.getDerValue();
if (opt.isContextSpecific(TAG_DISTRIBUTION_POINT) &&
opt.isConstructed()) {
distributionPoint =
new DistributionPointName(opt.data.getDerValue());
} else if (opt.isContextSpecific(TAG_ONLY_USER_CERTS) &&
!opt.isConstructed()) {
opt.resetTag(DerValue.tag_Boolean);
hasOnlyUserCerts = opt.getBoolean();
} else if (opt.isContextSpecific(TAG_ONLY_CA_CERTS) &&
!opt.isConstructed()) {
opt.resetTag(DerValue.tag_Boolean);
hasOnlyCACerts = opt.getBoolean();
} else if (opt.isContextSpecific(TAG_ONLY_SOME_REASONS) &&
!opt.isConstructed()) {
revocationReasons = new ReasonFlags(opt); // expects tag implicit
} else if (opt.isContextSpecific(TAG_INDIRECT_CRL) &&
!opt.isConstructed()) {
opt.resetTag(DerValue.tag_Boolean);
isIndirectCRL = opt.getBoolean();
} else if (opt.isContextSpecific(TAG_ONLY_ATTRIBUTE_CERTS) &&
!opt.isConstructed()) {
opt.resetTag(DerValue.tag_Boolean);
hasOnlyAttributeCerts = opt.getBoolean();
} else {
throw new IOException
("Invalid encoding of IssuingDistributionPoint");
}
}
}
Example 20
| Source File: SignerInfo.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses a PKCS#7 signer info.
*
* <p>This constructor is used only for backwards compatibility with
* PKCS#7 blocks that were generated using JDK1.1.x.
*
* @param derin the ASN.1 encoding of the signer info.
* @param oldStyle flag indicating whether or not the given signer info
* is encoded according to JDK1.1.x.
*/
public SignerInfo(DerInputStream derin, boolean oldStyle)
throws IOException, ParsingException
{
// version
version = derin.getBigInteger();
// issuerAndSerialNumber
DerValue[] issuerAndSerialNumber = derin.getSequence(2);
byte[] issuerBytes = issuerAndSerialNumber[0].toByteArray();
issuerName = new X500Name(new DerValue(DerValue.tag_Sequence,
issuerBytes));
certificateSerialNumber = issuerAndSerialNumber[1].getBigInteger();
// digestAlgorithmId
DerValue tmp = derin.getDerValue();
digestAlgorithmId = AlgorithmId.parse(tmp);
// authenticatedAttributes
if (oldStyle) {
// In JDK1.1.x, the authenticatedAttributes are always present,
// encoded as an empty Set (Set of length zero)
derin.getSet(0);
} else {
// check if set of auth attributes (implicit tag) is provided
// (auth attributes are OPTIONAL)
if ((byte)(derin.peekByte()) == (byte)0xA0) {
authenticatedAttributes = new PKCS9Attributes(derin);
}
}
// digestEncryptionAlgorithmId - little RSA naming scheme -
// signature == encryption...
tmp = derin.getDerValue();
digestEncryptionAlgorithmId = AlgorithmId.parse(tmp);
// encryptedDigest
encryptedDigest = derin.getOctetString();
// unauthenticatedAttributes
if (oldStyle) {
// In JDK1.1.x, the unauthenticatedAttributes are always present,
// encoded as an empty Set (Set of length zero)
derin.getSet(0);
} else {
// check if set of unauth attributes (implicit tag) is provided
// (unauth attributes are OPTIONAL)
if (derin.available() != 0
&& (byte)(derin.peekByte()) == (byte)0xA1) {
unauthenticatedAttributes =
new PKCS9Attributes(derin, true);// ignore unsupported attrs
}
}
// all done
if (derin.available() != 0) {
throw new ParsingException("extra data at the end");
}
}
