Java 类org.bouncycastle.asn1.DERObject 实例源码

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  SignedData ::= SEQUENCE {
 *      version Version,
 *      digestAlgorithms DigestAlgorithmIdentifiers,
 *      contentInfo ContentInfo,
 *      certificates
 *          [0] IMPLICIT ExtendedCertificatesAndCertificates
 *                   OPTIONAL,
 *      crls
 *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
 *      signerInfos SignerInfos }
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(version);
    v.add(digestAlgorithms);
    v.add(contentInfo);

    if (certificates != null)
    {
        v.add(new DERTaggedObject(false, 0, certificates));
    }

    if (crls != null)
    {
        v.add(new DERTaggedObject(false, 1, crls));
    }

    v.add(signerInfos);

    return new BERSequence(v);
}

/**
 * Dump out the object as a string.
 *
 * @param obj  the object to be dumped
 * @param verbose  if true, dump out the contents of octet and bit strings.
 * @return  the resulting string.
 */
public static String dumpAsString(
    Object   obj,
    boolean  verbose)
{
    StringBuffer buf = new StringBuffer();

    if (obj instanceof DERObject)
    {
        _dumpAsString("", verbose, (DERObject)obj, buf);
    }
    else if (obj instanceof DEREncodable)
    {
        _dumpAsString("", verbose, ((DEREncodable)obj).getDERObject(), buf);
    }
    else
    {
        return "unknown object type " + obj.toString();
    }

    return buf.toString();
}

/**
 * Convert types returned by Bouncy Castle X509ExtensionUtil.getSubjectAlternativeNames(X509Certificate) to be
 * consistent with what is documented for: java.security.cert.X509Certificate#getSubjectAlternativeNames.
 * 
 * @param nameType the alt name type
 * @param nameValue the alt name value
 * @return converted representation of name value, based on type
 */
private static Object convertAltNameType(Integer nameType, Object nameValue) {
    Logger log = getLogger();
    if (DIRECTORY_ALT_NAME.equals(nameType) || DNS_ALT_NAME.equals(nameType) || RFC822_ALT_NAME.equals(nameType)
            || URI_ALT_NAME.equals(nameType) || REGISTERED_ID_ALT_NAME.equals(nameType)) {

        // these are just strings in the appropriate format already, return as-is
        return nameValue;
    }

    if (IP_ADDRESS_ALT_NAME.equals(nameType)) {
        // this is a byte[], IP addr in network byte order
        return IPAddressHelper.addressToString((byte[]) nameValue);
    }

    if (EDI_PARTY_ALT_NAME.equals(nameType) || X400ADDRESS_ALT_NAME.equals(nameType)
            || OTHER_ALT_NAME.equals(nameType)) {

        // these have no defined representation, just return a DER-encoded byte[]
        return ((DERObject) nameValue).getDEREncoded();
    }

    log.warn("Encountered unknown alt name type '{}', adding as-is", nameType);
    return nameValue;
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  SignedData ::= SEQUENCE {
 *      version Version,
 *      digestAlgorithms DigestAlgorithmIdentifiers,
 *      contentInfo ContentInfo,
 *      certificates
 *          [0] IMPLICIT ExtendedCertificatesAndCertificates
 *                   OPTIONAL,
 *      crls
 *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
 *      signerInfos SignerInfos }
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(version);
    v.add(digestAlgorithms);
    v.add(contentInfo);

    if (certificates != null)
    {
        v.add(new DERTaggedObject(false, 0, certificates));
    }

    if (crls != null)
    {
        v.add(new DERTaggedObject(false, 1, crls));
    }

    v.add(signerInfos);

    return new BERSequence(v);
}

/**
 * Dump out the object as a string.
 *
 * @param obj  the object to be dumped
 * @param verbose  if true, dump out the contents of octet and bit strings.
 * @return  the resulting string.
 */
public static String dumpAsString(
    Object   obj,
    boolean  verbose)
{
    StringBuffer buf = new StringBuffer();

    if (obj instanceof DERObject)
    {
        _dumpAsString("", verbose, (DERObject)obj, buf);
    }
    else if (obj instanceof DEREncodable)
    {
        _dumpAsString("", verbose, ((DEREncodable)obj).getDERObject(), buf);
    }
    else
    {
        return "unknown object type " + obj.toString();
    }

    return buf.toString();
}

public static void extractAuthorityInformationAccess(List<String> OCSPUrl,
        DERObject aiaExt) {
    AuthorityInformationAccess aia = AuthorityInformationAccess
            .getInstance(aiaExt);
    AccessDescription[] accessDescriptions = aia.getAccessDescriptions();
    DERObjectIdentifier OCSPOid = new DERObjectIdentifier(
            "1.3.6.1.5.5.7.48.1"); //$NON-NLS-1$
    for (AccessDescription accessDescription : accessDescriptions) {
        GeneralName generalName = accessDescription.getAccessLocation();
        String nextName = generalName.getName().toString();
        DERObjectIdentifier acessMethod = accessDescription
                .getAccessMethod();
        if (acessMethod.equals(OCSPOid)) {
            OCSPUrl.add(nextName);
        }
    }
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <p/>
 * Returns:
 * <p/>
 * <pre>
 *       CertificatePair ::= SEQUENCE {
 *         forward        [0]    Certificate OPTIONAL,
 *         reverse        [1]    Certificate OPTIONAL,
 *         -- at least one of the pair shall be present -- }
 * </pre>
 *
 * @return a DERObject
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector vec = new ASN1EncodableVector();

    if (forward != null)
    {
        vec.add(new DERTaggedObject(0, forward));
    }
    if (reverse != null)
    {
        vec.add(new DERTaggedObject(1, reverse));
    }

    return new DERSequence(vec);
}

public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    if (distributionPoint != null)
    {
        //
        // as this is a CHOICE it must be explicitly tagged
        //
        v.add(new DERTaggedObject(0, distributionPoint));
    }

    if (reasons != null)
    {
        v.add(new DERTaggedObject(false, 1, reasons));
    }

    if (cRLIssuer != null)
    {
        v.add(new DERTaggedObject(false, 2, cRLIssuer));
    }

    return new DERSequence(v);
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  V2Form ::= SEQUENCE {
 *       issuerName            GeneralNames  OPTIONAL,
 *       baseCertificateID     [0] IssuerSerial  OPTIONAL,
 *       objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
 *         -- issuerName MUST be present in this profile
 *         -- baseCertificateID and objectDigestInfo MUST NOT
 *         -- be present in this profile
 *  }
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    if (issuerName != null)
    {
        v.add(issuerName);
    }

    if (baseCertificateID != null)
    {
        v.add(new DERTaggedObject(false, 0, baseCertificateID));
    }

    if (objectDigestInfo != null)
    {
        v.add(new DERTaggedObject(false, 1, objectDigestInfo));
    }

    return new DERSequence(v);
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    if (keyidentifier != null)
    {
        v.add(new DERTaggedObject(false, 0, keyidentifier));
    }

    if (certissuer != null)
    {
        v.add(new DERTaggedObject(false, 1, certissuer));
    }

    if (certserno != null)
    {
        v.add(new DERTaggedObject(false, 2, certserno));
    }


    return new DERSequence(v);
}

/**
 * 
 * <pre>
 * 
 *  IetfAttrSyntax ::= SEQUENCE {
 *    policyAuthority [0] GeneralNames OPTIONAL,
 *    values SEQUENCE OF CHOICE {
 *      octets OCTET STRING,
 *      oid OBJECT IDENTIFIER,
 *      string UTF8String
 *    }
 *  }
 *  
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    if (policyAuthority != null)
    {
        v.add(new DERTaggedObject(0, policyAuthority));
    }

    ASN1EncodableVector v2 = new ASN1EncodableVector();

    for (Enumeration i = values.elements(); i.hasMoreElements();)
    {
        v2.add((ASN1Encodable)i.nextElement());
    }

    v.add(new DERSequence(v2));

    return new DERSequence(v);
}

public DERObject getDERObject()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();
    ASN1EncodableVector  subV = new ASN1EncodableVector();

    v.add(id);
    subV.add(octStr);
    subV.add(iterationCount);

    if (keyLength != null)
    {
        subV.add(keyLength);
    }

    v.add(new DERSequence(subV));

    return new DERSequence(v);
}

/**
 * <pre>
 *     Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
 *
 *     Extension         ::=   SEQUENCE {
 *        extnId            EXTENSION.&amp;id ({ExtensionSet}),
 *        critical          BOOLEAN DEFAULT FALSE,
 *        extnValue         OCTET STRING }
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector     vec = new ASN1EncodableVector();
    Enumeration             e = ordering.elements();

    while (e.hasMoreElements())
    {
        DERObjectIdentifier     oid = (DERObjectIdentifier)e.nextElement();
        X509Extension           ext = (X509Extension)extensions.get(oid);
        ASN1EncodableVector     v = new ASN1EncodableVector();

        v.add(oid);

        if (ext.isCritical())
        {
            v.add(new DERBoolean(true));
        }

        v.add(ext.getValue());

        vec.add(new DERSequence(v));
    }

    return new DERSequence(vec);
}

public DERObject toASN1Object() 
{
    ASN1EncodableVector av = new ASN1EncodableVector();

    if (noticeRef != null)
    {
        av.add(noticeRef);
    }

    if (explicitText != null)
    {
        av.add(explicitText);
    }

    return new DERSequence(av);
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * 
 * Returns:
 * 
 * <pre>
 *       GeneralSubtree ::= SEQUENCE 
 *       {
 *         base                    GeneralName,
 *         minimum         [0]     BaseDistance DEFAULT 0,
 *         maximum         [1]     BaseDistance OPTIONAL 
 *       }
 * </pre>
 * 
 * @return a DERObject
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(base);

    if (minimum != null && !minimum.getValue().equals(ZERO))
    {
        v.add(new DERTaggedObject(false, 0, minimum));
    }

    if (maximum != null)
    {
        v.add(new DERTaggedObject(false, 1, maximum));
    }

    return new DERSequence(v);
}

public ExtendedKeyUsage(
    Vector  usages)
{
    ASN1EncodableVector v = new ASN1EncodableVector();
    Enumeration         e = usages.elements();

    while (e.hasMoreElements())
    {
        DERObject  o = (DERObject)e.nextElement();

        v.add(o);
        this.usageTable.put(o, o);
    }

    this.seq = new DERSequence(v);
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * BasicConstraints := SEQUENCE {
 *    cA                  BOOLEAN DEFAULT FALSE,
 *    pathLenConstraint   INTEGER (0..MAX) OPTIONAL
 * }
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    if (cA != null)
    {
        v.add(cA);
    }

    if (pathLenConstraint != null)  // yes some people actually do this when cA is false...
    {
        v.add(pathLenConstraint);
    }

    return new DERSequence(v);
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  OtherInfo ::= SEQUENCE {
 *      keyInfo KeySpecificInfo,
 *      partyAInfo [0] OCTET STRING OPTIONAL,
 *      suppPubInfo [2] OCTET STRING
 *  }
 * </pre>
 */
public DERObject getDERObject()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    v.add(keyInfo);

    if (partyAInfo != null)
    {
        v.add(new DERTaggedObject(0, partyAInfo));
    }

    v.add(new DERTaggedObject(2, suppPubInfo));

    return new DERSequence(v);
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  ECParameters ::= SEQUENCE {
 *      version         INTEGER { ecpVer1(1) } (ecpVer1),
 *      fieldID         FieldID {{FieldTypes}},
 *      curve           X9Curve,
 *      base            X9ECPoint,
 *      order           INTEGER,
 *      cofactor        INTEGER OPTIONAL
 *  }
 * </pre>
 */
public DERObject getDERObject()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(new DERInteger(1));
    v.add(fieldID);
    v.add(new X9Curve(curve, seed));
    v.add(new X9ECPoint(g));
    v.add(new DERInteger(n));

    if (!h.equals(BigInteger.valueOf(1)))
    {
        v.add(new DERInteger(h));
    }

    return new DERSequence(v);
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  SignedData ::= SEQUENCE {
 *      version Version,
 *      digestAlgorithms DigestAlgorithmIdentifiers,
 *      contentInfo ContentInfo,
 *      certificates
 *          [0] IMPLICIT ExtendedCertificatesAndCertificates
 *                   OPTIONAL,
 *      crls
 *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
 *      signerInfos SignerInfos }
 * </pre>
 */
public DERObject getDERObject()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(version);
    v.add(digestAlgorithms);
    v.add(contentInfo);

    if (certificates != null)
    {
        v.add(new DERTaggedObject(false, 0, certificates));
    }

    if (crls != null)
    {
        v.add(new DERTaggedObject(false, 1, crls));
    }

    v.add(signerInfos);

    return new BERSequence(v);
}

/**
 * Creates an ASN.1 sequence from the given byte array.
 *
 * @param data
 *            Encoded bytes of an ASN.1 sequence.
 *
 * @return ASN.1 sequence object.
 *
 * @throws IllegalArgumentException
 *             If data is not encoded bytes of an ASN.1 sequence.
 */
private static ASN1Sequence toASN1Sequence(final byte[] data) {
    DERObject obj;
    try {
        obj = DERHelper.toDERObject(data, false);
    } catch (IOException e) {
        throw new IllegalArgumentException(
                "Error creating ASN.1 sequence from encoded bytes.", e);
    }
    if (obj instanceof ASN1Sequence) {
        return (ASN1Sequence) obj;
    } else {
        throw new IllegalArgumentException(
                "Encoded data is not an ASN.1 sequence.");
    }
}

public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    v.add(p);
    v.add(g);

    if (this.getL() != null)
    {
        v.add(l);
    }

    return new DERSequence(v);
}

/** 
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * Attribute ::= SEQUENCE {
 *     attrType OBJECT IDENTIFIER,
 *     attrValues SET OF AttributeValue
 * }
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(attrType);
    v.add(attrValues);

    return new DERSequence(v);
}

public SafeBag(
    DERObjectIdentifier     oid,
    DERObject               obj)
{
    this.bagId = oid;
    this.bagValue = obj;
    this.bagAttributes = null;
}

public SafeBag(
    DERObjectIdentifier     oid,
    DERObject               obj,
    ASN1Set                 bagAttributes)
{
    this.bagId = oid;
    this.bagValue = obj;
    this.bagAttributes = bagAttributes;
}

public DERObject toASN1Object()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(bagId);
    v.add(new DERTaggedObject(0, bagValue));

    if (bagAttributes != null)
    {
        v.add(bagAttributes);
    }

    return new DERSequence(v);
}

public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    for (int i = 0; i != info.length; i++)
    {
        v.add(info[i]);
    }

    return new BERSequence(v);
}

public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    if (version != null)
    {
        v.add(version);
    }

    v.add(iv);

    return new DERSequence(v);
}

public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    v.add(iv);
    v.add(iterations);

    return new DERSequence(v);
}

public CertBag(
    DERObjectIdentifier certId,
    DERObject           certValue)
{
    this.certId = certId;
    this.certValue = certValue;
}

public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    v.add(certId);
    v.add(new DERTaggedObject(0, certValue));

    return new DERSequence(v);
}

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * ContentInfo ::= SEQUENCE {
 *          contentType ContentType,
 *          content
 *          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    v.add(contentType);

    if (content != null)
    {
        v.add(new BERTaggedObject(0, content));
    }

    return new BERSequence(v);
}

public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    v.add(octStr);
    v.add(iterationCount);

    if (keyLength != null)
    {
        v.add(keyLength);
    }

    return new DERSequence(v);
}

/**
 * dump out a DER object as a formatted string
 *
 * @param obj the DERObject to be dumped out.
 */
public static String dumpAsString(
    DERObject   obj)
{
    StringBuffer buf = new StringBuffer();

    _dumpAsString("", false, obj, buf);

    return buf.toString();
}

public static byte[] decrypt(byte[] privateKey, byte[] encryptedData) throws IOException {
    if (privateKey == null || privateKey.length == 0) {
        return null;
    }

    if (encryptedData == null || encryptedData.length == 0) {
        return null;
    }

    byte[] enc = new byte[encryptedData.length];
    System.arraycopy(encryptedData, 0, enc, 0, encryptedData.length);

    SM2 sm2 = SM2.Instance();
    BigInteger userD = new BigInteger(1, privateKey);

    ByteArrayInputStream bis = new ByteArrayInputStream(enc);
    ASN1InputStream dis = new ASN1InputStream(bis);
    DERObject derObj = dis.readObject();
    ASN1Sequence asn1 = (ASN1Sequence) derObj;
    DERInteger x = (DERInteger) asn1.getObjectAt(0);
    DERInteger y = (DERInteger) asn1.getObjectAt(1);
    ECPoint c1 = sm2.ecc_curve.createPoint(x.getValue(), y.getValue(), true);

    Cipher cipher = new Cipher();
    cipher.initDec(userD, c1);
    DEROctetString data = (DEROctetString) asn1.getObjectAt(3);
    enc = data.getOctets();
    cipher.decrypt(enc);
    byte[] c3 = new byte[32];
    cipher.dofinal(c3);
    return enc;
}

public DERObject toASN1Object()
{
    ASN1EncodableVector  v = new ASN1EncodableVector();

    v.add(p);
    v.add(g);

    if (this.getL() != null)
    {
        v.add(l);
    }

    return new DERSequence(v);
}

/** 
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 * Attribute ::= SEQUENCE {
 *     attrType OBJECT IDENTIFIER,
 *     attrValues SET OF AttributeValue
 * }
 * </pre>
 */
public DERObject toASN1Object()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(attrType);
    v.add(attrValues);

    return new DERSequence(v);
}

public SafeBag(
    DERObjectIdentifier     oid,
    DERObject               obj)
{
    this.bagId = oid;
    this.bagValue = obj;
    this.bagAttributes = null;
}

public SafeBag(
    DERObjectIdentifier     oid,
    DERObject               obj,
    ASN1Set                 bagAttributes)
{
    this.bagId = oid;
    this.bagValue = obj;
    this.bagAttributes = bagAttributes;
}

public DERObject toASN1Object()
{
    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(bagId);
    v.add(new DERTaggedObject(0, bagValue));

    if (bagAttributes != null)
    {
        v.add(bagAttributes);
    }

    return new DERSequence(v);
}