Example 36 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project attestation by TokenScript.

the class Cheque method encodeSignedCheque.

private byte[] encodeSignedCheque(ASN1Sequence cheque, byte[] signature, AsymmetricKeyParameter publicKey) throws IOException {
    ASN1EncodableVector signedCheque = new ASN1EncodableVector();
    signedCheque.add(cheque);
    SubjectPublicKeyInfo spki = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey);
    signedCheque.add(spki.getPublicKeyData());
    signedCheque.add(new DERBitString(signature));
    return new DERSequence(signedCheque).getEncoded();
}
Also used: DERSequence (org.bouncycastle.asn1.DERSequence), ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector), DERBitString (org.bouncycastle.asn1.DERBitString), SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)

Example 37 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project aws-greengrass-nucleus by aws-greengrass.

the class EncryptionUtilsTest method generateCertificateFile.

public static Pair<Path, KeyPair> generateCertificateFile(int keySize, boolean pem, Path filepath, boolean ec) throws Exception {
    KeyPair keyPair;
    if (ec) {
        keyPair = generateECKeyPair(keySize);
    } else {
        keyPair = generateRSAKeyPair(keySize);
    }
    X500Name name = new X500Name("CN=ROOT");
    SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
    Date start = new Date();
    Date until = Date.from(LocalDate.now().plus(365, ChronoUnit.DAYS).atStartOfDay().toInstant(ZoneOffset.UTC));
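    // Test helper only: a 10-bit random serial can collide or be zero; certificates issued for real use
    // need a unique, positive serial number with far more entropy.
    X509v3CertificateBuilder builder = new X509v3CertificateBuilder(name, new BigInteger(10, new SecureRandom()), start, until, name, subjectPublicKeyInfo);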
    String signingAlgo = "SHA256WithRSA";
    if (ec) {
        signingAlgo = "SHA256WITHECDSA";
    }
    ContentSigner signer = new JcaContentSignerBuilder(signingAlgo).setProvider(new BouncyCastleProvider()).build(keyPair.getPrivate());
    X509CertificateHolder holder = builder.build(signer);
    X509Certificate certificate = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(holder);
    if (pem) {
        try (PrintWriter out = new PrintWriter(filepath.toFile())) {
            out.println("-----BEGIN CERTIFICATE-----");
            out.println(new String(Base64.encodeBase64(certificate.getEncoded())));
            out.println("-----END CERTIFICATE-----");
        }
    } else {
        try (OutputStream outputStream = Files.newOutputStream(filepath)) {
            outputStream.write(certificate.getEncoded());
        }
    }
    return new Pair<>(filepath, keyPair);
}
Also used: KeyPair (java.security.KeyPair), JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder), OutputStream (java.io.OutputStream), ContentSigner (org.bouncycastle.operator.ContentSigner), SecureRandom (java.security.SecureRandom), X500Name (org.bouncycastle.asn1.x500.X500Name), SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo), Date (java.util.Date), LocalDate (java.time.LocalDate), X509Certificate (java.security.cert.X509Certificate), X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder), JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter), X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder), BigInteger (java.math.BigInteger), BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider), PrintWriter (java.io.PrintWriter)

Example 38 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project in-toto-java by in-toto.

the class KeyUtilities method readPublicKey.

/**
 * Reads Public Key from file using {@link PEMParser}
 *
 * @param file the file that contains the public key
 * @return a PublicKey
 * @throws IOException thrown when there are issues reading the file.
 */
public static PublicKey readPublicKey(File file) throws IOException {
    try (FileReader keyReader = new FileReader(file)) {
        PEMParser pemParser = new PEMParser(keyReader);
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
        SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(pemParser.readObject());
        return converter.getPublicKey(publicKeyInfo);
    }
}
Also used: PEMParser (org.bouncycastle.openssl.PEMParser), JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter), FileReader (java.io.FileReader), SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)

Example 39 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project in-toto-java by in-toto.

the class RSAKey method readPemBuffer.

/**
 * Static method to de-serialize a keypair from a reader.
 *
 * @param reader the reader that will be used to de-serialize the key
 * @return An instance of an RSAKey contained in the reader instance
 */
public static RSAKey readPemBuffer(Reader reader) {
    PEMParser pemReader = new PEMParser(reader);
    PEMKeyPair kpr = null;
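    try {
        Object pem = pemReader.readObject();
        if (pem instanceof PEMKeyPair) {
            kpr = (PEMKeyPair) pem;
        } else if (pem instanceof SubjectPublicKeyInfo) {
            // Public-key-only PEM: wrap it in a key pair with no private part.
            kpr = new PEMKeyPair((SubjectPublicKeyInfo) pem, null);
        } else {
            // readObject() returns null on empty input, so do not call toString() on it.
            throw new RuntimeException("Couldn't parse PEM object: " + pem);
        }
    } catch (IOException e) {
        // Fail loudly instead of silently building an RSAKey around a null key pair.
        throw new RuntimeException("Couldn't read PEM object", e);
    }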
    return new RSAKey(kpr);
}
Also used: PEMParser (org.bouncycastle.openssl.PEMParser), PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair), IOException (java.io.IOException), SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)

Example 40 with SubjectPublicKeyInfo

use of com.android.apksig.internal.x509.SubjectPublicKeyInfo in project PCNGateway-Java-SDK by BSNDA.

the class R1Algorithm method getUserCertInfo.

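/**
 * Generate a 256-bit EC key pair and a PKCS#10 certificate signing request (CSR) for it.
 *
 * @param DN the subject distinguished name to put in the CSR
 * @return the PEM-encoded CSR together with the generated private key
 */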
@Override
public UserCertInfo getUserCertInfo(String DN) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    int algSize = 256;
    String sigAlg = "SHA256withECDSA";
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDSA");
    kpg.initialize(algSize, new SecureRandom());
    KeyPair kp = kpg.generateKeyPair();
    PrivateKey privateKey = kp.getPrivate();
    Signature signature = Signature.getInstance(sigAlg);
    signature.initSign(privateKey);
    X500Name x500Name = new X500Name(DN);
    SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded());
    PKCS10CertificationRequestBuilder builder = new PKCS10CertificationRequestBuilder(x500Name, subjectPublicKeyInfo);
    JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(sigAlg);
    Provider BC = new BouncyCastleProvider();
    jcaContentSignerBuilder.setProvider(BC);
    ContentSigner contentSigner = jcaContentSignerBuilder.build(kp.getPrivate());
    PKCS10CertificationRequest csr = builder.build(contentSigner);
    byte[] der = csr.getEncoded();
    String strPEMCSR = "-----BEGIN CERTIFICATE REQUEST-----\n";
    strPEMCSR += new String(org.bouncycastle.util.encoders.Base64.encode(der));
    strPEMCSR += "\n-----END CERTIFICATE REQUEST-----\n";
    UserCertInfo user = new UserCertInfo();
    user.setCSRPem(strPEMCSR);
    user.setKey(privateKey);
    return user;
}
Also used: PKCS10CertificationRequest (org.bouncycastle.pkcs.PKCS10CertificationRequest), UserCertInfo (com.bsnbase.sdk.util.common.UserCertInfo), JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder), ContentSigner (org.bouncycastle.operator.ContentSigner), PKCS10CertificationRequestBuilder (org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder), X500Name (org.bouncycastle.asn1.x500.X500Name), SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo), BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)

Aggregations

SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) 219
X500Name (org.bouncycastle.asn1.x500.X500Name) 92
IOException (java.io.IOException) 85
Date (java.util.Date) 75
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier) 75
ContentSigner (org.bouncycastle.operator.ContentSigner) 65
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder) 64
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder) 61
BigInteger (java.math.BigInteger) 54
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) 53
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) 50
InvalidKeySpecException (java.security.spec.InvalidKeySpecException) 42
KeyPair (java.security.KeyPair) 39
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 35
X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec) 32
SubjectPublicKeyInfo (com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo) 30
KeyPairGenerator (java.security.KeyPairGenerator) 30
PublicKey (java.security.PublicKey) 30
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier) 30
InvalidKeyException (java.security.InvalidKeyException) 28