
Example 1 with ArrayBuilder

Use of co.nstant.in.cbor.builder.ArrayBuilder in project identity-credential by google.

In the class Util, method coseSign1Sign.

@NonNull
static DataItem coseSign1Sign(@NonNull Signature s, @Nullable byte[] data, @Nullable byte[] detachedContent, @Nullable Collection<X509Certificate> certificateChain) {
    int dataLen = (data != null ? data.length : 0);
    int detachedContentLen = (detachedContent != null ? detachedContent.length : 0);
    if (dataLen > 0 && detachedContentLen > 0) {
        throw new IllegalArgumentException("data and detachedContent cannot both be non-empty");
    }
    int keySize;
    int alg;
    if (s.getAlgorithm().equals("SHA256withECDSA")) {
        keySize = 32;
        alg = COSE_ALG_ECDSA_256;
    } else if (s.getAlgorithm().equals("SHA384withECDSA")) {
        keySize = 48;
        alg = COSE_ALG_ECDSA_384;
    } else if (s.getAlgorithm().equals("SHA512withECDSA")) {
        keySize = 64;
        alg = COSE_ALG_ECDSA_512;
    } else {
        throw new IllegalArgumentException("Unsupported algorithm " + s.getAlgorithm());
    }
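    // The algorithm identifier goes into the protected headers. They are serialized to bytes
    // and passed into the to-be-signed structure, so the signature covers them.
    CborBuilder protectedHeaders = new CborBuilder();
    MapBuilder<CborBuilder> protectedHeadersMap = protectedHeaders.addMap();
    protectedHeadersMap.put(COSE_LABEL_ALG, alg);
    byte[] protectedHeadersBytes = cborEncode(protectedHeaders.build().get(0));
    byte[] toBeSigned = coseBuildToBeSigned(protectedHeadersBytes, data, detachedContent);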
    byte[] coseSignature = null;
    try {
        s.update(toBeSigned);
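        // java.security.Signature returns ECDSA signatures DER-encoded; convert to the
        // fixed-length form carried in COSE, sized by keySize.
        byte[] derSignature = s.sign();
        coseSignature = signatureDerToCose(derSignature, keySize);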
    } catch (SignatureException e) {
        throw new IllegalStateException("Error signing data", e);
    }
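    // Assemble the result array in order: protected headers (bytes), unprotected headers (map),
    // payload, signature.
    CborBuilder builder = new CborBuilder();
    ArrayBuilder<CborBuilder> array = builder.addArray();
    array.add(protectedHeadersBytes);
    MapBuilder<ArrayBuilder<CborBuilder>> unprotectedHeaders = array.addMap();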
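    // The certificate chain goes into the unprotected headers, which are not part of toBeSigned.
    // A single certificate is stored as one byte string, several as an array of byte strings.
    try {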
        if (certificateChain != null && certificateChain.size() > 0) {
            if (certificateChain.size() == 1) {
                X509Certificate cert = certificateChain.iterator().next();
                unprotectedHeaders.put(COSE_LABEL_X5CHAIN, cert.getEncoded());
            } else {
                ArrayBuilder<MapBuilder<ArrayBuilder<CborBuilder>>> x5chainsArray = unprotectedHeaders.putArray(COSE_LABEL_X5CHAIN);
                for (X509Certificate cert : certificateChain) {
                    x5chainsArray.add(cert.getEncoded());
                }
            }
        }
    } catch (CertificateEncodingException e) {
        throw new IllegalStateException("Error encoding certificate", e);
    }
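    // With no embedded data (for example when detachedContent is used), the payload slot is CBOR null.
    if (data == null || data.length == 0) {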
        array.add(new SimpleValue(SimpleValueType.NULL));
    } else {
        array.add(data);
    }
    array.add(coseSignature);
    return builder.build().get(0);
}
Also used: CertificateEncodingException (java.security.cert.CertificateEncodingException), SignatureException (java.security.SignatureException), ECPoint (java.security.spec.ECPoint), X509Certificate (java.security.cert.X509Certificate), SimpleValue (co.nstant.in.cbor.model.SimpleValue), MapBuilder (co.nstant.in.cbor.builder.MapBuilder), ArrayBuilder (co.nstant.in.cbor.builder.ArrayBuilder), CborBuilder (co.nstant.in.cbor.CborBuilder), NonNull (androidx.annotation.NonNull)

Example 2 with ArrayBuilder

Use of co.nstant.in.cbor.builder.ArrayBuilder in project cose-lib by android.

In the class Recipient, method encode.

@Override
public DataItem encode() throws CborException {
    ArrayBuilder<CborBuilder> arrayBuilder = new CborBuilder().addArray();
    arrayBuilder.add(CoseUtils.serializeProtectedHeaders(getProtectedHeaders())).add(getUnprotectedHeaders()).add(getCiphertext());
    if (recipients != null && !recipients.isEmpty()) {
        ArrayBuilder<ArrayBuilder<CborBuilder>> recipientArrayBuilder = arrayBuilder.addArray();
        for (Recipient recipient : recipients) {
            recipientArrayBuilder.add(recipient.encode());
        }
        recipientArrayBuilder.end();
    }
    return arrayBuilder.end().build().get(0);
}
Also used: ArrayBuilder (co.nstant.in.cbor.builder.ArrayBuilder), CborBuilder (co.nstant.in.cbor.CborBuilder)

Example 3 with ArrayBuilder

Use of co.nstant.in.cbor.builder.ArrayBuilder in project cose-lib by android.

In the class SignMessage, method encode.

@Override
public DataItem encode() throws CoseException, CborException {
    if (signatures == null || signatures.size() == 0) {
        throw new CoseException("Error while serializing SignMessage. Signatures not found.");
    }
    ArrayBuilder<CborBuilder> messageBuilder = new CborBuilder().addArray();
    messageBuilder.add(CoseUtils.serializeProtectedHeaders(getProtectedHeaders())).add(getUnprotectedHeaders()).add(message);
    ArrayBuilder<ArrayBuilder<CborBuilder>> signArrayBuilder = messageBuilder.addArray();
    for (Signature signature : signatures) {
        signArrayBuilder.add(signature.encode());
    }
    signArrayBuilder.end();
    return messageBuilder.end().build().get(0);
}
Also used: CoseException (com.google.cose.exceptions.CoseException), ArrayBuilder (co.nstant.in.cbor.builder.ArrayBuilder), CborBuilder (co.nstant.in.cbor.CborBuilder)

Example 4 with ArrayBuilder

Use of co.nstant.in.cbor.builder.ArrayBuilder in project cose-lib by android.

In the class EncryptMessage, method encode.

@Override
public DataItem encode() throws CborException, CoseException {
    ArrayBuilder<CborBuilder> encryptArrayBuilder = new CborBuilder().addArray();
    encryptArrayBuilder.add(CoseUtils.serializeProtectedHeaders(getProtectedHeaders())).add(getUnprotectedHeaders()).add(ciphertext);
    ArrayBuilder<ArrayBuilder<CborBuilder>> recipientArrayBuilder = encryptArrayBuilder.addArray();
    if (recipients == null) {
        throw new CoseException("Error while serializing EncryptMessage. Recipient field not found.");
    }
    for (Recipient recipient : recipients) {
        recipientArrayBuilder.add(recipient.encode());
    }
    recipientArrayBuilder.end();
    return encryptArrayBuilder.end().build().get(0);
}
Also used: CoseException (com.google.cose.exceptions.CoseException), ArrayBuilder (co.nstant.in.cbor.builder.ArrayBuilder), CborBuilder (co.nstant.in.cbor.CborBuilder)

Example 5 with ArrayBuilder

Use of co.nstant.in.cbor.builder.ArrayBuilder in project cose-lib by android.

In the class MacMessage, method encode.

@Override
public DataItem encode() throws CoseException, CborException {
    if (recipients == null) {
        throw new CoseException("Error while serializing MacMessage. Recipient field not found.");
    }
    ArrayBuilder<CborBuilder> macArrayBuilder = new CborBuilder().addArray();
    macArrayBuilder.add(CoseUtils.serializeProtectedHeaders(getProtectedHeaders())).add(getUnprotectedHeaders()).add(message).add(tag);
    ArrayBuilder<ArrayBuilder<CborBuilder>> recipientArrayBuilder = macArrayBuilder.addArray();
    for (Recipient recipient : recipients) {
        recipientArrayBuilder.add(recipient.encode());
    }
    recipientArrayBuilder.end();
    return macArrayBuilder.end().build().get(0);
}
Also used: CoseException (com.google.cose.exceptions.CoseException), ArrayBuilder (co.nstant.in.cbor.builder.ArrayBuilder), CborBuilder (co.nstant.in.cbor.CborBuilder)

Aggregations

CborBuilder (co.nstant.in.cbor.CborBuilder): 6
ArrayBuilder (co.nstant.in.cbor.builder.ArrayBuilder): 6
CoseException (com.google.cose.exceptions.CoseException): 3
NonNull (androidx.annotation.NonNull): 1
MapBuilder (co.nstant.in.cbor.builder.MapBuilder): 1
ByteString (co.nstant.in.cbor.model.ByteString): 1
SimpleValue (co.nstant.in.cbor.model.SimpleValue): 1
UnicodeString (co.nstant.in.cbor.model.UnicodeString): 1
SignatureException (java.security.SignatureException): 1
CertificateEncodingException (java.security.cert.CertificateEncodingException): 1
X509Certificate (java.security.cert.X509Certificate): 1
ECPoint (java.security.spec.ECPoint): 1