Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
BEGIN LICENSE BLOCK ***** Version: CPL 1.0/GPL 2.0/LGPL 2.1 The contents of this file are subject to the Common Public License Version 1.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.eclipse.org/legal/cpl-v10.html Software distributed under the License is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the specific language governing rights and limitations under the License. Copyright (C) 2008 Ola Bini <ola.bini@gmail.com> Alternatively, the contents of this file may be used under the terms of either of the GNU General Public License Version 2 or later (the "GPL"), or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), in which case the provisions of the GPL or the LGPL are applicable instead of those above. If you wish to allow use of your version of this file only under the terms of either the GPL or the LGPL, and not to allow others to use your version of this file under the terms of the CPL, indicate your decision by deleting the provisions above and replace them with the notice and other provisions required by the GPL or the LGPL. If you do not delete the provisions above, a recipient may use your version of this file under the terms of any one of the CPL, the GPL or the LGPL. END LICENSE BLOCK ***
 
 package org.jruby.ext.openssl.impl;
 
 import java.util.Set;
 import  org.bouncycastle.asn1.ASN1Encodable;
 import  org.bouncycastle.asn1.ASN1EncodableVector;
 import  org.bouncycastle.asn1.ASN1InputStream;
 import  org.bouncycastle.asn1.ASN1Sequence;
 import  org.bouncycastle.asn1.ASN1Set;
 import  org.bouncycastle.asn1.DEREncodable;
 import  org.bouncycastle.asn1.DERInteger;
 import  org.bouncycastle.asn1.DERSequence;
 import  org.bouncycastle.asn1.DERSet;
 import  org.bouncycastle.asn1.DERTaggedObject;
 import  org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import  org.bouncycastle.asn1.x509.X509CertificateStructure;
 import  org.bouncycastle.jce.provider.X509CertificateObject;
PKCS7_SIGNED

Author(s):
Ola Bini
 
 public class Signed {
    
Describe version here.
 
     private int version;

    
Describe crl here.
 
     private Collection<X509CRLcrl = new ArrayList<X509CRL>();

    
Describe cert here.
 
     private Collection<X509AuxCertificatecert = new ArrayList<X509AuxCertificate>();

    
Describe mdAlgs here.
 
     private Set<AlgorithmIdentifier> mdAlgs = new HashSet<AlgorithmIdentifier>();

    
Describe signerInfo here.
 
 
     PKCS7 contents;

    
Get the Version value.

Returns:
an int value
 
     public final int getVersion() {
         return ;
     }

    
Set the Version value.

Parameters:
newVersion The new Version value.
 
     public final void setVersion(final int newVersion) {
        this. = newVersion;
    }

    
Get the SignerInfo value.

Returns:
a Collection<SignerInfoWithPkey> value
    public final Collection<SignerInfoWithPkeygetSignerInfo() {
        return ;
    }

    
Set the SignerInfo value.

Parameters:
newSignerInfo The new SignerInfo value.
    public final void setSignerInfo(final Collection<SignerInfoWithPkeynewSignerInfo) {
        this. = newSignerInfo;
    }

    
Get the MdAlgs value.

Returns:
a Set<AlgorithmIdentifier> value
    public final Set<AlgorithmIdentifier> getMdAlgs() {
        return ;
    }

    
Set the MdAlgs value.

Parameters:
newMdAlgs The new MdAlgs value.
    public final void setMdAlgs(final Set<AlgorithmIdentifier> newMdAlgs) {
        this. = newMdAlgs;
    }

    
Get the Contents value.

Returns:
a PKCS7 value
    public final PKCS7 getContents() {
        return ;
    }

    
Set the Contents value.

Parameters:
newContents The new Contents value.
    public final void setContents(final PKCS7 newContents) {
        this. = newContents;
    }

    
Get the Cert value.

Returns:
a Collection<X509AuxCertificate> value
    public final Collection<X509AuxCertificategetCert() {
        return ;
    }

    
Set the Cert value.

Parameters:
newCert The new Cert value.
    public final void setCert(final Collection<X509AuxCertificatenewCert) {
        this. = newCert;
    }

    
Get the Crl value.

Returns:
a Set<X509CRL> value
    public final Collection<X509CRLgetCrl() {
        return ;
    }

    
Set the Crl value.

Parameters:
newCrl The new Crl value.
    public final void setCrl(final Collection<X509CRLnewCrl) {
        this. = newCrl;
    }
    @Override
    public String toString() {
        return "#<Signed version=" +  + " mdAlgs="++" content="++" cert="++" crls="++" signerInfos="++">";
    }
    public ASN1Encodable asASN1() {
        ASN1EncodableVector vector = new ASN1EncodableVector();
        vector.add(new DERInteger());
        vector.add(digestAlgorithmsToASN1Set());
        vector.add(.asASN1());
        if ( != null && .size() > 0) {
            if (.size() > 1) {
                vector.add(new DERTaggedObject(false, 0, certificatesToASN1Set()));
            } else {
                // Encode the signer certificate directly for OpenSSL compatibility.
                // OpenSSL does not support multiple signer signature.
                // And OpenSSL requires EXPLICIT tagging.
                vector.add(new DERTaggedObject(true, 0, firstCertificatesToASN1()));
            }
        }
        if ( != null && .size() > 0) {
            vector.add(new DERTaggedObject(false, 1, crlsToASN1Set()));
        }
        vector.add(signerInfosToASN1Set());
        return new DERSequence(vector);
    }
    private ASN1Set digestAlgorithmsToASN1Set() {
        ASN1EncodableVector vector = new ASN1EncodableVector();
        for(AlgorithmIdentifier ai : ) {
            vector.add(ai.toASN1Object());
        }
        return new DERSet(vector);
    }
    // This imlementation is stupid and wasteful. Ouch.
    private ASN1Set certificatesToASN1Set() {
        try {
            ASN1EncodableVector vector = new ASN1EncodableVector();
            for(X509AuxCertificate c : ) {
                vector.add(new ASN1InputStream(new ByteArrayInputStream(c.getEncoded())).readObject());
            }
            return new DERSet(vector);
        } catch(Exception e) {
            return null;
        }
    }
    private DERSequence firstCertificatesToASN1() {
        try {
            X509AuxCertificate c = .iterator().next();
            return (DERSequence) (new ASN1InputStream(new ByteArrayInputStream(c.getEncoded())).readObject());
        } catch (Exception e) {}
        return null;
    }
    private ASN1Set crlsToASN1Set() {
        throw new RuntimeException("TODO: implement CRL part");
    }
    private ASN1Set signerInfosToASN1Set() {
        ASN1EncodableVector vector = new ASN1EncodableVector();
        for(SignerInfoWithPkey si : ) {
            vector.add(si.toASN1Object());
        }
        return new DERSet(vector);
    }

    
SignedData ::= SEQUENCE { version Version, digestAlgorithms DigestAlgorithmIdentifiers, contentInfo ContentInfo, certificates [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL, crls [1] IMPLICIT CertificateRevocationLists OPTIONAL, signerInfos SignerInfos } Version ::= INTEGER DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier SignerInfos ::= SET OF SignerInfo
    public static Signed fromASN1(DEREncodable contentthrows PKCS7Exception{
        ASN1Sequence sequence = (ASN1Sequence)content;
        DERInteger version = (DERInteger)sequence.getObjectAt(0);
        ASN1Set digestAlgos = (ASN1Set)sequence.getObjectAt(1);
        DEREncodable contentInfo = sequence.getObjectAt(2);
        DEREncodable certificates = null;
        DEREncodable crls = null;
        int index = 3;
        DEREncodable tmp = sequence.getObjectAt(index);
        if((tmp instanceof DERTaggedObject) && ((DERTaggedObject)tmp).getTagNo() == 0) {
            certificates = ((DERTaggedObject)tmp).getObject();
            index++;
        }
        tmp = sequence.getObjectAt(index);
        if((tmp instanceof DERTaggedObject) && ((DERTaggedObject)tmp).getTagNo() == 1) {
            crls = ((DERTaggedObject)tmp).getObject();
            index++;
        }
        ASN1Set signerInfos = (ASN1Set)sequence.getObjectAt(index);
        Signed signed = new Signed();
        signed.setVersion(version.getValue().intValue());
        signed.setMdAlgs(algorithmIdentifiersFromASN1Set(digestAlgos));
        signed.setContents(PKCS7.fromASN1(contentInfo));
        if(certificates != null) {
            signed.setCert(certificatesFromASN1Set(certificates));
        }
        if(crls != null) {
            throw new RuntimeException("TODO: implement CRL part");
        }
        signed.setSignerInfo(signerInfosFromASN1Set(signerInfos));
        return signed;
    }
    private static Collection<X509AuxCertificatecertificatesFromASN1Set(DEREncodable contentthrows PKCS7Exception {
        Collection<X509AuxCertificateresult = new ArrayList<X509AuxCertificate>();
        if (content instanceof DERSequence) {
            try {
                for (Enumeration<?> enm = ((DERSequence) content).getObjects(); enm.hasMoreElements();) {
                    DEREncodable current = (DEREncodable) enm.nextElement();
                    result.add(certificateFromASN1(current));
                }
            } catch (IllegalArgumentException iae) {
                result.add(certificateFromASN1(content));
            }
        } else if (content instanceof DERSet) {
            // EXPLICIT Set shouldn't apper here but keep this for backward compatibility.
            for (Enumeration<?> enm = ((DERSet) content).getObjects(); enm.hasMoreElements();) {
                DEREncodable current = (DEREncodable) enm.nextElement();
                result.add(certificateFromASN1(current));
            }
        } else {
            throw new PKCS7Exception(.."unknown certificates format");
        }
        return result;
    }
    private static X509AuxCertificate certificateFromASN1(DEREncodable currentthrows PKCS7Exception {
        X509CertificateStructure struct = X509CertificateStructure.getInstance(current);
        try {
            return new X509AuxCertificate(new X509CertificateObject(struct));
        } catch (CertificateParsingException cpe) {
            throw new PKCS7Exception(..cpe);
        }
    }
    private static Set<AlgorithmIdentifier> algorithmIdentifiersFromASN1Set(DEREncodable content) {
        ASN1Set set = (ASN1Set)content;
        Set<AlgorithmIdentifier> result = new HashSet<AlgorithmIdentifier>();
        for(Enumeration<?> e = set.getObjects(); e.hasMoreElements();) {
            result.add(AlgorithmIdentifier.getInstance(e.nextElement()));
        }
        return result;
    }
    private static Collection<SignerInfoWithPkeysignerInfosFromASN1Set(DEREncodable content) {
        ASN1Set set = (ASN1Set)content;
        Collection<SignerInfoWithPkeyresult = new ArrayList<SignerInfoWithPkey>();
        for(Enumeration<?> e = set.getObjects(); e.hasMoreElements();) {
            result.add(SignerInfoWithPkey.getInstance(e.nextElement()));
        }
        return result;
    }
}// Signed
New to GrepCode? Check out our FAQ X