import org.bouncycastle.util.encoders.Base64;
import org.bouncycastle.asn1.DERInputStream;
import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.DERConstructedSequence;
+import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.BERInputStream;
int certlen = ((rec[7 + i] & 0xff) << 16) | ((rec[7 + i + 1] & 0xff) << 8) | (rec[7 + i + 2] & 0xff);
try {
DERInputStream dIn = new DERInputStream(new ByteArrayInputStream(rec, 7 + i + 3, certlen));
- this_cert = new X509CertificateStructure((DERConstructedSequence)dIn.readObject());
+ this_cert = new X509CertificateStructure((DERSequence)dIn.readObject());
} catch (Exception e) {
SSLException t = new SSLException("error decoding server certificate: " + e);
t.fillInStackTrace();
}
if (!good) throw new SSLException("server certificate does not seem to have a CN: " + CN);
- if (!ignoreUntrustedCert && !CN.equals(hostname))
+ if (!ignoreUntrustedCert && !CN.equalsIgnoreCase(hostname))
throw new SSLException("connecting to host " + hostname + " but server certificate was issued for " + CN);
- SimpleDateFormat dateF = new SimpleDateFormat("MM-dd-yy-HH-mm-ss-z");
+ SimpleDateFormat dateF = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss-z");
// the following idiocy is a result of the brokenness of the GNU Classpath's SimpleDateFormat
String s = tbs.getStartDate().getTime();
- s = s.substring(2, 4) + "-" + s.substring(4, 6) + "-" + s.substring(0, 2) + "-" + s.substring(6, 8) + "-" +
- s.substring(8, 10) + "-" + s.substring(10, 12) + "-" + s.substring(12);
+ s = s.substring(0, 4) + "-" + s.substring(4, 6) + "-" + s.substring(6, 8) + "-" +
+ s.substring(8, 10) + "-" + s.substring(10, 12) + "-" +
+ s.substring(12, 14) + "-" + s.substring(14);
+
Date startDate = dateF.parse(s, new ParsePosition(0));
s = tbs.getEndDate().getTime();
X509Extension basicConstraints = this_cert.getTBSCertificate().getExtensions().getExtension(X509Extensions.BasicConstraints);
if (basicConstraints == null) throw new SSLException("certificate did not contain a basic constraints block");
DERInputStream dis = new DERInputStream(new ByteArrayInputStream(basicConstraints.getValue().getOctets()));
- BasicConstraints bc = new BasicConstraints((DERConstructedSequence)dis.readObject());
+ BasicConstraints bc = new BasicConstraints((DERSequence)dis.readObject());
if (!bc.isCA()) throw new SSLException("non-CA certificate used for signing");
}
byte[] encrypted_pre_master_secret;
SubjectPublicKeyInfo pki = server_cert.getSubjectPublicKeyInfo();
- RSAPublicKeyStructure rsa_pks = new RSAPublicKeyStructure((DERConstructedSequence)pki.getPublicKey());
+ RSAPublicKeyStructure rsa_pks = new RSAPublicKeyStructure((DERSequence)pki.getPublicKey());
BigInteger modulus = rsa_pks.getModulus();
BigInteger exponent = rsa_pks.getPublicExponent();
// decrypt the signature using the signer's public key
byte[] ED = signee.getSignature().getBytes();
SubjectPublicKeyInfo pki = signer;
- RSAPublicKeyStructure rsa_pks = new RSAPublicKeyStructure((DERConstructedSequence)pki.getPublicKey());
+ RSAPublicKeyStructure rsa_pks = new RSAPublicKeyStructure((DERSequence)pki.getPublicKey());
BigInteger modulus = rsa_pks.getModulus();
BigInteger exponent = rsa_pks.getPublicExponent();
AsymmetricBlockCipher rsa = new PKCS1(new RSAEngine());
byte[] D = rsa.processBlock(ED, 0, ED.length);
BERInputStream beris = new BERInputStream(new ByteArrayInputStream(D));
DERObject derob = beris.readObject();
- DERConstructedSequence dercs = (DERConstructedSequence)derob;
+ DERSequence dercs = (DERSequence)derob;
DEROctetString deros = (DEROctetString)dercs.getObjectAt(1);
byte[] MD = deros.getOctets();
trusted_CA_public_key_identifiers[i/2] = base64_encoded_trusted_CA_public_keys[i];
byte[] b = Base64.decode(base64_encoded_trusted_CA_public_keys[i+1]);
DERInputStream dIn = new DERInputStream(new ByteArrayInputStream(b));
- trusted_CA_public_keys[i/2] = new SubjectPublicKeyInfo((DERConstructedSequence)dIn.readObject());
+ trusted_CA_public_keys[i/2] = new SubjectPublicKeyInfo((DERSequence)dIn.readObject());
}
} catch (Exception e) {