Search in sources :

Example 6 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project sshj by hierynomus.

the class ECDSAPrivateKeyInfoKeyPairConverter method getKeyPair.

/**
 * Get PEM Key Pair calculating ECDSA Public Key from ECDSA Private Key Information
 *
 * @param privateKeyInfo ECDSA Private Key Information
 * @return PEM Key Pair
 * @throws IOException Thrown on Public Key parsing failures
 */
@Override
public PEMKeyPair getKeyPair(final PrivateKeyInfo privateKeyInfo) throws IOException {
    Objects.requireNonNull(privateKeyInfo, "Private Key Info required");
    final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm();
    final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
    if (X9ObjectIdentifiers.id_ecPublicKey.equals(algorithm)) {
        logger.debug("ECDSA Algorithm Found [{}]", algorithm);
    } else {
        throw new IllegalArgumentException(String.format("ECDSA Algorithm OID required [%s]", algorithm));
    }
    final byte[] encodedPublicKey = getEncodedPublicKey(privateKeyInfo);
    final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, encodedPublicKey);
    return new PEMKeyPair(subjectPublicKeyInfo, privateKeyInfo);
}
Also used : PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 7 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project sshj by hierynomus.

the class RSAPrivateKeyInfoKeyPairConverter method getKeyPair.

/**
 * Get PEM Key Pair parsing RSA Public Key attributes from RSA Private Key Information
 *
 * @param privateKeyInfo RSA Private Key Information
 * @return PEM Key Pair
 * @throws IOException Thrown on Public Key parsing failures
 */
@Override
public PEMKeyPair getKeyPair(final PrivateKeyInfo privateKeyInfo) throws IOException {
    Objects.requireNonNull(privateKeyInfo, "Private Key Info required");
    final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm();
    final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
    if (PKCSObjectIdentifiers.rsaEncryption.equals(algorithm)) {
        logger.debug("RSA Algorithm Found [{}]", algorithm);
    } else {
        throw new IllegalArgumentException(String.format("RSA Algorithm OID required [%s]", algorithm));
    }
    final RSAPublicKey rsaPublicKey = getRsaPublicKey(privateKeyInfo);
    final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, rsaPublicKey);
    return new PEMKeyPair(subjectPublicKeyInfo, privateKeyInfo);
}
Also used : RSAPublicKey(org.bouncycastle.asn1.pkcs.RSAPublicKey) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 8 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project interlok by adaptris.

the class X509Builder method build.

private X509Certificate build() throws NoSuchAlgorithmException, CertificateException, OperatorCreationException {
    X509Certificate result = null;
    if (privateKey == null) {
        createKeyPair();
    }
    // The certificate is self-signed, so use the current
    // subject as the issuer
    X500Name name = certificateParm.getSubjectInfo();
    // The certificate is self-signed, do we exactly care what
    // the serial number that uniquely identifies is
    BigInteger serial = BigInteger.valueOf(Integer.valueOf(SecurityUtil.getSecureRandom().nextInt(10000)).longValue());
    GregorianCalendar valid = new GregorianCalendar();
    Date notBefore = valid.getTime();
    valid.add(Calendar.MONTH, 12);
    Date notAfter = valid.getTime();
    SubjectPublicKeyInfo pubKeyInfo = SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(publicKey.getEncoded()));
    X509v3CertificateBuilder certGen = new X509v3CertificateBuilder(name, serial, notBefore, notAfter, name, pubKeyInfo);
    String alg = certificateParm.getSignatureAlgorithm();
    JcaContentSignerBuilder builder = new JcaContentSignerBuilder(alg);
    // build and sign the certificate
    X509CertificateHolder certHolder = certGen.build(builder.build(privateKey));
    result = new JcaX509CertificateConverter().getCertificate(certHolder);
    return result;
}
Also used : X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) GregorianCalendar(java.util.GregorianCalendar) BigInteger(java.math.BigInteger) X500Name(org.bouncycastle.asn1.x500.X500Name) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) X509Certificate(java.security.cert.X509Certificate) Date(java.util.Date)

Example 9 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project remoting by jenkinsci.

the class X509CertificateRule method apply.

@Override
public Statement apply(final Statement base, final Description description) {
    Skip skip = description.getAnnotation(Skip.class);
    if (skip != null && (skip.value().length == 0 || Arrays.asList(skip.value()).contains(id))) {
        return base;
    }
    return new Statement() {

        @Override
        public void evaluate() throws Throwable {
            Date now = new Date();
            Date firstDate = new Date(now.getTime() + startDateOffsetMillis);
            Date lastDate = new Date(now.getTime() + endDateOffsetMillis);
            SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(subjectKey.getPublic().getEncoded());
            X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
            if (id != null) {
                nameBuilder.addRDN(BCStyle.CN, id);
            }
            X500Name subject = nameBuilder.addRDN(BCStyle.CN, description.getDisplayName()).addRDN(BCStyle.C, "US").build();
            X509v3CertificateBuilder certGen = new X509v3CertificateBuilder(subject, BigInteger.ONE, firstDate, lastDate, subject, subjectPublicKeyInfo);
            JcaX509ExtensionUtils instance = new JcaX509ExtensionUtils();
            certGen.addExtension(Extension.subjectKeyIdentifier, false, instance.createSubjectKeyIdentifier(subjectPublicKeyInfo));
            ContentSigner signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BOUNCY_CASTLE_PROVIDER).build(X509CertificateRule.this.signerKey.getPrivate());
            certificate = new JcaX509CertificateConverter().setProvider(BOUNCY_CASTLE_PROVIDER).getCertificate(certGen.build(signer));
            try {
                base.evaluate();
            } finally {
                certificate = null;
            }
        }
    };
}
Also used : JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils) X500NameBuilder(org.bouncycastle.asn1.x500.X500NameBuilder) Statement(org.junit.runners.model.Statement) X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) ContentSigner(org.bouncycastle.operator.ContentSigner) X500Name(org.bouncycastle.asn1.x500.X500Name) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) Date(java.util.Date)

Example 10 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project hotmoka by Hotmoka.

the class QTESLA3 method verify.

@Override
public boolean verify(T what, PublicKey publicKey, byte[] signature) throws SignatureException {
    byte[] bytes;
    try {
        bytes = supplier.get(what);
    } catch (Exception e) {
        throw new SignatureException("cannot transform value into bytes before verifying the signature", e);
    }
    synchronized (signer) {
        try {
            SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(new X509EncodedKeySpec(encodingOf(publicKey)).getEncoded());
            signer.init(false, PublicKeyFactory.createKey(subjectPublicKeyInfo));
            return signer.verifySignature(bytes, signature);
        } catch (Exception e) {
            throw new SignatureException("cannot verify signature", e);
        }
    }
}
Also used : X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) SignatureException(java.security.SignatureException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SignatureException(java.security.SignatureException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException)

Aggregations

SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)219 X500Name (org.bouncycastle.asn1.x500.X500Name)92 IOException (java.io.IOException)85 Date (java.util.Date)75 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)75 ContentSigner (org.bouncycastle.operator.ContentSigner)65 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)64 X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)61 BigInteger (java.math.BigInteger)54 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)53 JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)50 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)42 KeyPair (java.security.KeyPair)39 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)32 SubjectPublicKeyInfo (com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)30 KeyPairGenerator (java.security.KeyPairGenerator)30 PublicKey (java.security.PublicKey)30 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)30 InvalidKeyException (java.security.InvalidKeyException)28