Example 6 with SubjectPublicKeyInfo
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project sshj by hierynomus.
the class ECDSAPrivateKeyInfoKeyPairConverter method getKeyPair.
/**
* Get PEM Key Pair calculating ECDSA Public Key from ECDSA Private Key Information
*
* @param privateKeyInfo ECDSA Private Key Information
* @return PEM Key Pair
* @throws IOException Thrown on Public Key parsing failures
*/
@Override
public PEMKeyPair getKeyPair(final PrivateKeyInfo privateKeyInfo) throws IOException {
Objects.requireNonNull(privateKeyInfo, "Private Key Info required");
final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm();
final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
if (X9ObjectIdentifiers.id_ecPublicKey.equals(algorithm)) {
logger.debug("ECDSA Algorithm Found [{}]", algorithm);
} else {
throw new IllegalArgumentException(String.format("ECDSA Algorithm OID required [%s]", algorithm));
}
final byte[] encodedPublicKey = getEncodedPublicKey(privateKeyInfo);
final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, encodedPublicKey);
return new PEMKeyPair(subjectPublicKeyInfo, privateKeyInfo);
}
Also used :
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 7 with SubjectPublicKeyInfo
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project sshj by hierynomus.
the class RSAPrivateKeyInfoKeyPairConverter method getKeyPair.
/**
* Get PEM Key Pair parsing RSA Public Key attributes from RSA Private Key Information
*
* @param privateKeyInfo RSA Private Key Information
* @return PEM Key Pair
* @throws IOException Thrown on Public Key parsing failures
*/
@Override
public PEMKeyPair getKeyPair(final PrivateKeyInfo privateKeyInfo) throws IOException {
Objects.requireNonNull(privateKeyInfo, "Private Key Info required");
final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm();
final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
if (PKCSObjectIdentifiers.rsaEncryption.equals(algorithm)) {
logger.debug("RSA Algorithm Found [{}]", algorithm);
} else {
throw new IllegalArgumentException(String.format("RSA Algorithm OID required [%s]", algorithm));
}
final RSAPublicKey rsaPublicKey = getRsaPublicKey(privateKeyInfo);
final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, rsaPublicKey);
return new PEMKeyPair(subjectPublicKeyInfo, privateKeyInfo);
}
Also used :
RSAPublicKey(org.bouncycastle.asn1.pkcs.RSAPublicKey)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 8 with SubjectPublicKeyInfo
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project interlok by adaptris.
the class X509Builder method build.
private X509Certificate build() throws NoSuchAlgorithmException, CertificateException, OperatorCreationException {
X509Certificate result = null;
if (privateKey == null) {
createKeyPair();
}
// The certificate is self-signed, so use the current
// subject as the issuer
X500Name name = certificateParm.getSubjectInfo();
// The certificate is self-signed, do we exactly care what
// the serial number that uniquely identifies is
BigInteger serial = BigInteger.valueOf(Integer.valueOf(SecurityUtil.getSecureRandom().nextInt(10000)).longValue());
GregorianCalendar valid = new GregorianCalendar();
Date notBefore = valid.getTime();
valid.add(Calendar.MONTH, 12);
Date notAfter = valid.getTime();
SubjectPublicKeyInfo pubKeyInfo = SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(publicKey.getEncoded()));
X509v3CertificateBuilder certGen = new X509v3CertificateBuilder(name, serial, notBefore, notAfter, name, pubKeyInfo);
String alg = certificateParm.getSignatureAlgorithm();
JcaContentSignerBuilder builder = new JcaContentSignerBuilder(alg);
// build and sign the certificate
X509CertificateHolder certHolder = certGen.build(builder.build(privateKey));
result = new JcaX509CertificateConverter().getCertificate(certHolder);
return result;
}
Also used :
X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
GregorianCalendar(java.util.GregorianCalendar)
BigInteger(java.math.BigInteger)
X500Name(org.bouncycastle.asn1.x500.X500Name)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
X509Certificate(java.security.cert.X509Certificate)
Date(java.util.Date)
Example 9 with SubjectPublicKeyInfo
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project remoting by jenkinsci.
the class X509CertificateRule method apply.
@Override
public Statement apply(final Statement base, final Description description) {
Skip skip = description.getAnnotation(Skip.class);
if (skip != null && (skip.value().length == 0 || Arrays.asList(skip.value()).contains(id))) {
return base;
}
return new Statement() {
@Override
public void evaluate() throws Throwable {
Date now = new Date();
Date firstDate = new Date(now.getTime() + startDateOffsetMillis);
Date lastDate = new Date(now.getTime() + endDateOffsetMillis);
SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(subjectKey.getPublic().getEncoded());
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
if (id != null) {
nameBuilder.addRDN(BCStyle.CN, id);
}
X500Name subject = nameBuilder.addRDN(BCStyle.CN, description.getDisplayName()).addRDN(BCStyle.C, "US").build();
X509v3CertificateBuilder certGen = new X509v3CertificateBuilder(subject, BigInteger.ONE, firstDate, lastDate, subject, subjectPublicKeyInfo);
JcaX509ExtensionUtils instance = new JcaX509ExtensionUtils();
certGen.addExtension(Extension.subjectKeyIdentifier, false, instance.createSubjectKeyIdentifier(subjectPublicKeyInfo));
ContentSigner signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BOUNCY_CASTLE_PROVIDER).build(X509CertificateRule.this.signerKey.getPrivate());
certificate = new JcaX509CertificateConverter().setProvider(BOUNCY_CASTLE_PROVIDER).getCertificate(certGen.build(signer));
try {
base.evaluate();
} finally {
certificate = null;
}
}
};
}
Also used :
JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils)
X500NameBuilder(org.bouncycastle.asn1.x500.X500NameBuilder)
Statement(org.junit.runners.model.Statement)
X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)
ContentSigner(org.bouncycastle.operator.ContentSigner)
X500Name(org.bouncycastle.asn1.x500.X500Name)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
Date(java.util.Date)
Example 10 with SubjectPublicKeyInfo
use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project hotmoka by Hotmoka.
the class QTESLA3 method verify.
@Override
public boolean verify(T what, PublicKey publicKey, byte[] signature) throws SignatureException {
byte[] bytes;
try {
bytes = supplier.get(what);
} catch (Exception e) {
throw new SignatureException("cannot transform value into bytes before verifying the signature", e);
}
synchronized (signer) {
try {
SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(new X509EncodedKeySpec(encodingOf(publicKey)).getEncoded());
signer.init(false, PublicKeyFactory.createKey(subjectPublicKeyInfo));
return signer.verifySignature(bytes, signature);
} catch (Exception e) {
throw new SignatureException("cannot verify signature", e);
}
}
}
Also used :
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
SignatureException(java.security.SignatureException)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
SignatureException(java.security.SignatureException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
NoSuchProviderException(java.security.NoSuchProviderException)
Aggregations
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)219
X500Name (org.bouncycastle.asn1.x500.X500Name)92
IOException (java.io.IOException)85
Date (java.util.Date)75
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)75
ContentSigner (org.bouncycastle.operator.ContentSigner)65
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)64
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)61
BigInteger (java.math.BigInteger)54
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)53
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)50
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)42
KeyPair (java.security.KeyPair)39
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35
X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)32
SubjectPublicKeyInfo (com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)30
KeyPairGenerator (java.security.KeyPairGenerator)30
PublicKey (java.security.PublicKey)30
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)30
InvalidKeyException (java.security.InvalidKeyException)28
