Java Code Examples for org.bouncycastle.asn1.DEROctetString#getInstance()

The following examples show how to use org.bouncycastle.asn1.DEROctetString#getInstance(). In the examples that decode a byte array received from another component, the callers catch IllegalArgumentException for input that does not decode as an OCTET STRING and check the result for null before reading its octets.
Example 1
Source File: ProxyP11Identity.java    From xipki with Apache License 2.0 6 votes vote down vote up
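/**
 * Requests a digest of the secret key identified by {@code asn1KeyId} by sending an
 * {@code ACTION_DIGEST_SECRETKEY} message through this slot's module, then decodes the
 * response as an ASN.1 OCTET STRING.
 *
 * <p>The response bytes come from the other side of the proxy channel and are decoded
 * defensively: anything that is not an OCTET STRING is reported as a
 * {@link P11TokenException} instead of leaking a runtime exception to the caller.
 *
 * @param mechanism the digest mechanism code forwarded in the request
 * @return the octets of the returned OCTET STRING, or {@code null} if decoding yields
 *     {@code null}
 * @throws P11TokenException if the response is not an OCTET STRING (the decoding error is
 *     kept as the cause), or if sending the request fails
 */
@Override
protected byte[] digestSecretKey0(long mechanism) throws P11TokenException {
  ProxyMessage.DigestSecretKeyTemplate template =
      new ProxyMessage.DigestSecretKeyTemplate(
          ((ProxyP11Slot) slot).getAsn1SlotId(), asn1KeyId, mechanism);
  byte[] result = ((ProxyP11Slot) slot).getModule().send(
      P11ProxyConstants.ACTION_DIGEST_SECRETKEY, template);

  ASN1OctetString octetString;
  try {
    octetString = DEROctetString.getInstance(result);
  } catch (IllegalArgumentException ex) {
    // Keep the decoder's exception as the cause so the malformed response can be diagnosed.
    throw new P11TokenException("the returned result is not OCTET STRING", ex);
  }

  return (octetString == null) ? null : octetString.getOctets();
}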
 
Example 2
Source File: ProxyP11Identity.java    From xipki with Apache License 2.0 5 votes vote down vote up
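/**
 * Signs {@code content} by sending an {@code ACTION_SIGN} message through this slot's
 * module and decoding the response as an ASN.1 OCTET STRING.
 *
 * <p>The optional mechanism parameters are converted to their proxy-message form first:
 * RSA-PSS parameters, opaque byte arrays and IVs are supported; any other type is rejected.
 *
 * @param mechanism the signature mechanism code forwarded in the request
 * @param parameters mechanism parameters, or {@code null} if the mechanism takes none
 * @param content the data forwarded in the sign request
 * @return the octets of the returned OCTET STRING, or {@code null} if decoding yields
 *     {@code null}
 * @throws P11TokenException if the response is not an OCTET STRING (the decoding error is
 *     kept as the cause), or if sending the request fails
 * @throws IllegalArgumentException if {@code parameters} is of an unsupported type
 */
@Override
protected byte[] sign0(long mechanism, P11Params parameters, byte[] content)
    throws P11TokenException {
  ProxyMessage.P11Params p11Param = null;
  if (parameters != null) {
    if (parameters instanceof P11RSAPkcsPssParams) {
      p11Param = new ProxyMessage.P11Params(ProxyMessage.P11Params.TAG_RSA_PKCS_PSS,
          new ProxyMessage.RSAPkcsPssParams((P11RSAPkcsPssParams) parameters));
    } else if (parameters instanceof P11ByteArrayParams) {
      byte[] bytes = ((P11ByteArrayParams) parameters).getBytes();
      p11Param = new ProxyMessage.P11Params(ProxyMessage.P11Params.TAG_OPAQUE,
          new DEROctetString(bytes));
    } else if (parameters instanceof P11IVParams) {
      p11Param = new ProxyMessage.P11Params(ProxyMessage.P11Params.TAG_IV,
          new DEROctetString(((P11IVParams) parameters).getIV()));
    } else {
      // Fail closed: never forward a parameter type this proxy does not know how to encode.
      throw new IllegalArgumentException("unknown parameter 'parameters'");
    }
  }

  ProxyMessage.SignTemplate signTemplate = new ProxyMessage.SignTemplate(
      ((ProxyP11Slot) slot).getAsn1SlotId(), asn1KeyId, mechanism, p11Param, content);
  byte[] result = ((ProxyP11Slot) slot).getModule().send(P11ProxyConstants.ACTION_SIGN,
      signTemplate);

  ASN1OctetString octetString;
  try {
    octetString = DEROctetString.getInstance(result);
  } catch (IllegalArgumentException ex) {
    // Keep the decoder's exception as the cause so the malformed response can be diagnosed.
    throw new P11TokenException("the returned result is not OCTET STRING", ex);
  }

  return (octetString == null) ? null : octetString.getOctets();
}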
 
Example 3
Source File: ExtensionsChecker.java    From xipki with Apache License 2.0 5 votes vote down vote up
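/**
 * Checks the authorization-template extension value against the configured template and
 * appends any violation to {@code failureMsg}.
 *
 * <p>If no template is configured, the value is checked as a constant extension value and
 * compared with the expected value derived from the request. Otherwise the value is decoded
 * as a SEQUENCE whose first element is the type OID and whose second element is the
 * access-rights OCTET STRING, and both are compared with the configuration.
 *
 * <p>The extension value is taken from the certificate under test, so a value that does not
 * decode (or has fewer than two elements) is recorded as a syntax failure rather than
 * allowed to escape as a runtime exception.
 *
 * @param failureMsg buffer that collects the violations found
 * @param extensionValue encoded extension value to check
 * @param requestedExtns extensions from the request, used to derive the expected value
 * @param extControl control settings for this extension
 */
private void checkExtnAuthorizationTemplate(StringBuilder failureMsg,
    byte[] extensionValue, Extensions requestedExtns, ExtensionControl extControl) {
  AuthorizationTemplate conf = authorizationTemplate;
  if (conf == null) {
    checkConstantExtnValue(ObjectIdentifiers.Xipki.id_xipki_ext_authorizationTemplate,
        failureMsg, extensionValue, requestedExtns, extControl);

    byte[] expected = getExpectedExtValue(
        ObjectIdentifiers.Xipki.id_xipki_ext_authorizationTemplate, requestedExtns, extControl);
    if (!Arrays.equals(expected, extensionValue)) {
      addViolation(failureMsg, "extension values", hex(extensionValue),
          (expected == null) ? "not present" : hex(expected));
    }
    return;
  }

  ASN1ObjectIdentifier type;
  ASN1OctetString accessRights;
  try {
    ASN1Sequence seq = ASN1Sequence.getInstance(extensionValue);
    // Guard the positional reads below: a missing or short SEQUENCE is a syntax failure.
    if (seq == null || seq.size() < 2) {
      failureMsg.append("invalid syntax: ")
          .append("expected SEQUENCE with type and accessRights").append("; ");
      return;
    }
    type = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
    accessRights = DEROctetString.getInstance(seq.getObjectAt(1));
  } catch (IllegalArgumentException ex) {
    // getInstance() signals undecodable or wrongly typed input with IllegalArgumentException.
    failureMsg.append("invalid syntax: ").append(ex.getMessage()).append("; ");
    return;
  }

  if (!conf.getType().getOid().equals(type.getId())) {
    addViolation(failureMsg, "type", type.getId(), conf.getType());
  }

  byte[] isRights = accessRights.getOctets();
  if (!Arrays.equals(conf.getAccessRights().getValue(), isRights)) {
    addViolation(failureMsg, "accessRights",
        hex(isRights), hex(conf.getAccessRights().getValue()));
  }
}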
 
Example 4
Source File: ExtensionsChecker.java    From xipki with Apache License 2.0 5 votes vote down vote up
/**
 * Verifies that the extension value is syntactically a list of signed certificate
 * timestamps. Only the encoding is checked: the value is decoded as an OCTET STRING, its
 * content is parsed as an SCT list, and the signature object of every entry is accessed.
 * Any exception raised along the way is recorded in {@code failureMsg} as a syntax error.
 *
 * @param failureMsg buffer that collects the violations found
 * @param extensionValue encoded extension value to check
 * @param extControl control settings for this extension (not read by this method)
 */
private void checkScts(StringBuilder failureMsg,
    byte[] extensionValue, ExtensionControl extControl) {
  try {
    // Syntax check only; the decoded values are discarded.
    byte[] encodedList = DEROctetString.getInstance(extensionValue).getOctets();
    SignedCertificateTimestampList parsed =
        SignedCertificateTimestampList.getInstance(encodedList);

    final int count = parsed.getSctList().size();
    int idx = 0;
    while (idx < count) {
      // Accessing the signature object makes a malformed entry surface as an exception.
      parsed.getSctList().get(idx).getDigitallySigned().getSignatureObject();
      idx++;
    }
  } catch (Exception ex) {
    failureMsg.append("invalid syntax: ");
    failureMsg.append(ex.getMessage());
    failureMsg.append("; ");
  }
}
 
Example 5
Source File: ExtensionSyntaxChecker.java    From xipki with Apache License 2.0 4 votes vote down vote up
/**
 * Decodes an implicitly tagged value as the ASN.1 type named by {@code fieldType}.
 *
 * <p>Every typed decoder is called with {@code explicit = false}. For {@code NULL} the
 * tagged object must carry an empty OCTET STRING; for {@code RAW} the inner object is
 * returned as is.
 *
 * @param name field name used in the error message
 * @param taggedObject the tagged object to decode
 * @param fieldType the expected type of the tagged value
 * @return the decoded value
 * @throws BadCertTemplateException if the value cannot be decoded as the expected type
 * @throws RuntimeException if {@code fieldType} is not handled by this method
 */
private static ASN1Encodable getParsedImplicitValue(String name, ASN1TaggedObject taggedObject,
    FieldType fieldType) throws BadCertTemplateException {
  try {
    final ASN1Encodable parsed;
    switch (fieldType) {
      case BIT_STRING:
        parsed = DERBitString.getInstance(taggedObject, false);
        break;
      case BMPString:
        parsed = DERBMPString.getInstance(taggedObject, false);
        break;
      case BOOLEAN:
        parsed = ASN1Boolean.getInstance(taggedObject, false);
        break;
      case ENUMERATED:
        parsed = ASN1Enumerated.getInstance(taggedObject, false);
        break;
      case GeneralizedTime:
        parsed = DERGeneralizedTime.getInstance(taggedObject, false);
        break;
      case IA5String:
        parsed = DERIA5String.getInstance(taggedObject, false);
        break;
      case INTEGER:
        parsed = ASN1Integer.getInstance(taggedObject, false);
        break;
      case Name:
        parsed = X500Name.getInstance(taggedObject, false);
        break;
      case NULL: {
        // An implicitly tagged NULL has no content, so only an empty OCTET STRING is accepted.
        Object inner = taggedObject.getObject();
        boolean emptyOctets = inner instanceof ASN1OctetString
            && ((ASN1OctetString) inner).getOctets().length == 0;
        if (!emptyOctets) {
          throw new BadCertTemplateException("invalid " + name);
        }
        parsed = DERNull.INSTANCE;
        break;
      }
      case OCTET_STRING:
        parsed = DEROctetString.getInstance(taggedObject, false);
        break;
      case OID:
        parsed = ASN1ObjectIdentifier.getInstance(taggedObject, false);
        break;
      case PrintableString:
        parsed = DERPrintableString.getInstance(taggedObject, false);
        break;
      case RAW:
        parsed = taggedObject.getObject();
        break;
      case SEQUENCE:
      case SEQUENCE_OF:
        parsed = ASN1Sequence.getInstance(taggedObject, false);
        break;
      case SET:
      case SET_OF:
        parsed = ASN1Set.getInstance(taggedObject, false);
        break;
      case TeletexString:
        parsed = DERT61String.getInstance(taggedObject, false);
        break;
      case UTCTime:
        parsed = DERUTCTime.getInstance(taggedObject, false);
        break;
      case UTF8String:
        parsed = DERUTF8String.getInstance(taggedObject, false);
        break;
      default:
        throw new RuntimeException("Unknown FieldType " + fieldType);
    }
    return parsed;
  } catch (IllegalArgumentException ex) {
    // The decoders reject a mismatching type with IllegalArgumentException.
    throw new BadCertTemplateException("invalid " + name, ex);
  }
}