
Example 81 with ASN1Encodable

use of com.android.org.bouncycastle.asn1.ASN1Encodable in project signer by demoiselle.

the class CertificateRefs method getValue.

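/**
 * Builds the attribute that carries one {@code OtherCertID} per entry of {@code certificates}
 * from index 1 onwards; index 0 is skipped (presumably the signer's own certificate, confirm
 * against the caller).
 *
 * <p>Each reference holds the SHA-256 digest of the encoded certificate plus an
 * {@code IssuerSerial} built from an issuer name and the certificate's serial number. The
 * references are wrapped in a sequence inside a set and returned under {@code identifier}.
 *
 * @return the attribute wrapping the sequence of certificate references
 * @throws SignerException if the certificate array is missing or empty, or if a certificate
 *         cannot be encoded
 */
@Override
public Attribute getValue() throws SignerException {
    // Without this guard a null array fails with a NullPointerException and an empty one with a
    // NegativeArraySizeException, neither of which tells the caller what was wrong.
    if (certificates == null || certificates.length == 0) {
        throw new SignerException("certificate chain is missing or empty");
    }
    try {
        int chainSize = certificates.length - 1;
        OtherCertID[] arrayOtherCertID = new OtherCertID[chainSize];
        for (int i = 1; i <= chainSize; i++) {
            X509Certificate issuerCert = null;
            X509Certificate cert = (X509Certificate) certificates[i];
            if (i < chainSize) {
                // NOTE(review): the issuer name comes from the NEXT array element, so the result
                // is only right when the array is ordered from leaf to root; reading
                // cert.getIssuerX500Principal() would not depend on that order. Confirm.
                issuerCert = (X509Certificate) certificates[i + 1];
            } else {
                // root: the last certificate is used as its own issuer
                issuerCert = (X509Certificate) certificates[i];
            }
            Digest digest = DigestFactory.getInstance().factoryDefault();
            digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
            byte[] certHash = digest.digest(cert.getEncoded());
            // NOTE(review): the name is rebuilt from its string form rather than from the encoded
            // principal; confirm that RDN order and string types match what validators compare.
            X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
            GeneralName name = new GeneralName(dirName);
            GeneralNames issuer = new GeneralNames(name);
            ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
            IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
            // The algorithm identifier must name the same hash that produced certHash above.
            AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
            OtherCertID otherCertID = new OtherCertID(algId, certHash, issuerSerial);
            arrayOtherCertID[i - 1] = otherCertID;
        }
        return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new ASN1Encodable[] { new DERSequence(arrayOtherCertID) }));
    } catch (CertificateEncodingException e) {
        // Keep the original exception as the cause so the encoding failure stays diagnosable.
        throw new SignerException(e.getMessage(), e);
    }
}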
Also used : IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial) Digest(org.demoiselle.signer.cryptography.Digest) UnsignedAttribute(org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.UnsignedAttribute) Attribute(org.bouncycastle.asn1.cms.Attribute) CertificateEncodingException(java.security.cert.CertificateEncodingException) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) DERSet(org.bouncycastle.asn1.DERSet) X509Certificate(java.security.cert.X509Certificate) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) OtherCertID(org.bouncycastle.asn1.ess.OtherCertID) DERSequence(org.bouncycastle.asn1.DERSequence) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) SignerException(org.demoiselle.signer.policy.impl.cades.SignerException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 82 with ASN1Encodable

use of com.android.org.bouncycastle.asn1.ASN1Encodable in project signer by demoiselle.

the class SignerRules method parse.

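/**
 * Populates this object from an ASN.1 sequence.
 *
 * <p>Two passes are made over the sequence. The first picks up the context-tagged elements
 * ({@code mandatedCertificateRef}, {@code mandatedCertificateInfo}, {@code signPolExtensions})
 * wherever they occur. The second reads the leading positional elements: an optional boolean
 * ({@code externalSignedData}) followed by the signed and then the unsigned attribute lists.
 *
 * @param primitive the ASN.1 value to read; converted to a sequence by
 *        {@code ASN1Object.getDERSequence}
 * @throws IllegalArgumentException if the sequence is too short to hold both attribute lists
 */
@Override
public void parse(ASN1Primitive primitive) {
    ASN1Sequence derSequence = ASN1Object.getDERSequence(primitive);
    int total = derSequence.size();
    // The input is parsed policy data, so fail with a clear message instead of an index error.
    if (total == 0) {
        throw new IllegalArgumentException("SignerRules sequence is empty");
    }
    // NOTE(review): the instanceof checks below name the DER classes specifically; confirm that
    // ASN1Object.getDERSequence always yields DER-typed children, otherwise tagged elements and
    // the leading sequence test could be missed for other encodings.
    for (int pos = 0; pos < total; pos++) {
        ASN1Primitive object = derSequence.getObjectAt(pos).toASN1Primitive();
        if (object instanceof DERTaggedObject) {
            DERTaggedObject derTaggedObject = (DERTaggedObject) object;
            TAG tag = TAG.getTag(derTaggedObject.getTagNo());
            if (tag == null) {
                // Skipped like the default branch below, in case getTag yields null for an
                // unknown tag number (a switch on null would throw).
                continue;
            }
            switch(tag) {
                case mandatedCertificateRef:
                    this.mandatedCertificateRef = CertRefReq.parse(object);
                    break;
                case mandatedCertificateInfo:
                    this.mandatedCertificateInfo = CertInfoReq.parse(object);
                    break;
                case signPolExtensions:
                    this.signPolExtensions = new SignPolExtensions();
                    this.signPolExtensions.parse(object);
                    break;
                default:
                    break;
            }
        }
    }
    int i = 0;
    ASN1Encodable object = derSequence.getObjectAt(i);
    if (!(object instanceof DERSequence)) {
        // The first element is not an attribute list: take it as the optional boolean when it is
        // one, and move past it in either case.
        if (object instanceof ASN1Boolean) {
            this.externalSignedData = ((ASN1Boolean) object).isTrue();
        }
        i++;
    }
    // Both attribute lists are read unconditionally, so positions i and i + 1 must exist.
    if (i + 1 >= total) {
        throw new IllegalArgumentException("SignerRules sequence is too short: " + total + " element(s)");
    }
    this.mandatedSignedAttr = new CMSAttrs();
    this.mandatedSignedAttr.parse(derSequence.getObjectAt(i).toASN1Primitive());
    i++;
    this.mandatedUnsignedAttr = new CMSAttrs();
    this.mandatedUnsignedAttr.parse(derSequence.getObjectAt(i).toASN1Primitive());
}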
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1Boolean(org.bouncycastle.asn1.ASN1Boolean) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)

Example 83 with ASN1Encodable

use of com.android.org.bouncycastle.asn1.ASN1Encodable in project open-ecard by ecsec.

the class ListCertificates method getUniqueIdentifier.

/**
 * Derives an identifier for the certificate from its subject name.
 *
 * <p>The string value of the first SERIALNUMBER RDN is returned when present. Otherwise the
 * SHA-256 digest of the encoded subject is returned, encoded by
 * {@code ByteUtils.toWebSafeBase64String}. The fallback is only as unique as the subject name
 * itself, so two certificates with the same subject map to the same identifier.
 *
 * @param cert the certificate whose subject is examined
 * @return the SERIALNUMBER string or the encoded subject hash
 * @throws RuntimeException if the subject cannot be encoded
 */
private String getUniqueIdentifier(X509Certificate cert) {
    X500Name subject = X500Name.getInstance(cert.getSubjectX500Principal().getEncoded());

    // Preferred source: the first SERIALNUMBER RDN, provided it carries a string value.
    RDN[] serialRdns = subject.getRDNs(BCStyle.SERIALNUMBER);
    if (serialRdns.length > 0) {
        ASN1Encodable candidate = serialRdns[0].getFirst().getValue();
        if (candidate instanceof ASN1String) {
            return ((ASN1String) candidate).getString();
        }
    }

    // Fallback: hash the whole subject and hope it stays unique across replacement cards.
    try {
        SHA256Digest sha256 = new SHA256Digest();
        byte[] encodedSubject = subject.getEncoded();
        sha256.update(encodedSubject, 0, encodedSubject.length);
        byte[] fingerprint = new byte[sha256.getDigestSize()];
        sha256.doFinal(fingerprint, 0);
        return ByteUtils.toWebSafeBase64String(fingerprint);
    } catch (IOException ex) {
        throw new RuntimeException("Failed to encode subject.", ex);
    }
}
Also used : SHA256Digest(org.openecard.bouncycastle.crypto.digests.SHA256Digest) X500Name(org.openecard.bouncycastle.asn1.x500.X500Name) ASN1Encodable(org.openecard.bouncycastle.asn1.ASN1Encodable) ASN1String(org.openecard.bouncycastle.asn1.ASN1String) ASN1String(org.openecard.bouncycastle.asn1.ASN1String) ASN1OctetString(org.openecard.bouncycastle.asn1.ASN1OctetString) IOException(java.io.IOException) RDN(org.openecard.bouncycastle.asn1.x500.RDN) AttributeTypeAndValue(org.openecard.bouncycastle.asn1.x500.AttributeTypeAndValue)

Example 84 with ASN1Encodable

use of com.android.org.bouncycastle.asn1.ASN1Encodable in project xades4j by luisgoncalves.

the class SignerSpecificTest method data.

/**
 * Supplies the parameter sets for the test: each national-character DN once as a BMP string
 * and once as a UTF-8 string, Cyrillic first and Arabic second.
 *
 * @return one single-element array per test run
 */
@Parameterized.Parameters
public static Collection<ASN1Encodable[]> data() {
    ArrayList<ASN1Encodable[]> cases = new ArrayList<ASN1Encodable[]>();
    String[] names = { NATIONAL_DN_CYRILLIC, NATIONAL_DN_ARABIC };
    for (String dn : names) {
        // Same text, two ASN.1 string encodings.
        cases.add(new ASN1Encodable[] { new DERBMPString(dn) });
        cases.add(new ASN1Encodable[] { new DERUTF8String(dn) });
    }
    return cases;
}
Also used : DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERBMPString(org.bouncycastle.asn1.DERBMPString) ArrayList(java.util.ArrayList) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)

Example 85 with ASN1Encodable

use of com.android.org.bouncycastle.asn1.ASN1Encodable in project robovm by robovm.

the class PublicKeyFactory method createKey.

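/**
 * Create a public key from the passed in SubjectPublicKeyInfo.
 *
 * <p>The algorithm OID of the key selects the branch: RSA, DH ({@code dhpublicnumber} or
 * {@code dhKeyAgreement}), DSA or EC. Each branch decodes the key value and the algorithm
 * parameters into the matching parameter object. The structure typically comes from a
 * certificate or a peer, so every field read here should be treated as untrusted input.
 *
 * @param keyInfo the SubjectPublicKeyInfo containing the key data
 * @return the appropriate key parameter
 * @throws IOException on an error decoding the key, including an EC key that names a curve
 *         found in none of the lookup tables used here
 * @throws RuntimeException if the algorithm identifier is not one of those handled here
 */
public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo) throws IOException {
    AlgorithmIdentifier algId = keyInfo.getAlgorithm();
    if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.rsaEncryption) || algId.getAlgorithm().equals(X509ObjectIdentifiers.id_ea_rsa)) {
        RSAPublicKey pubKey = RSAPublicKey.getInstance(keyInfo.parsePublicKey());
        // false: this is a public key, not a private one
        return new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent());
    } else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.dhpublicnumber)) {
        DHPublicKey dhPublicKey = DHPublicKey.getInstance(keyInfo.parsePublicKey());
        BigInteger y = dhPublicKey.getY().getValue();
        DHDomainParameters dhParams = DHDomainParameters.getInstance(algId.getParameters());
        BigInteger p = dhParams.getP().getValue();
        BigInteger g = dhParams.getG().getValue();
        BigInteger q = dhParams.getQ().getValue();
        // j and the validation parameters are optional and stay null when absent.
        BigInteger j = null;
        if (dhParams.getJ() != null) {
            j = dhParams.getJ().getValue();
        }
        DHValidationParameters validation = null;
        DHValidationParms dhValidationParms = dhParams.getValidationParms();
        if (dhValidationParms != null) {
            byte[] seed = dhValidationParms.getSeed().getBytes();
            BigInteger pgenCounter = dhValidationParms.getPgenCounter().getValue();
            // TODO Check pgenCounter size? intValue() silently truncates a value wider than int.
            validation = new DHValidationParameters(seed, pgenCounter.intValue());
        }
        return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation));
    } else if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.dhKeyAgreement)) {
        DHParameter params = DHParameter.getInstance(algId.getParameters());
        ASN1Integer derY = (ASN1Integer) keyInfo.parsePublicKey();
        // An absent L is passed on as 0; a present one is narrowed to int.
        BigInteger lVal = params.getL();
        int l = lVal == null ? 0 : lVal.intValue();
        DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
        return new DHPublicKeyParameters(derY.getValue(), dhParams);
    } else // END android-removed
    if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) {
        ASN1Integer derY = (ASN1Integer) keyInfo.parsePublicKey();
        ASN1Encodable de = algId.getParameters();
        // When the algorithm identifier carries no parameters, the key is returned with null
        // domain parameters; the caller has to supply them before using the key.
        DSAParameters parameters = null;
        if (de != null) {
            DSAParameter params = DSAParameter.getInstance(de.toASN1Primitive());
            parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
        }
        return new DSAPublicKeyParameters(derY.getValue(), parameters);
    } else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
        X962Parameters params = new X962Parameters((ASN1Primitive) algId.getParameters());
        X9ECParameters x9;
        if (params.isNamedCurve()) {
            ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) params.getParameters();
            x9 = X962NamedCurves.getByOID(oid);
            if (x9 == null) {
                x9 = SECNamedCurves.getByOID(oid);
                if (x9 == null) {
                    x9 = NISTNamedCurves.getByOID(oid);
                // BEGIN android-removed
                // if (x9 == null)
                // {
                //     x9 = TeleTrusTNamedCurves.getByOID(oid);
                // }
                // END android-removed
                }
            }
            // A curve OID found in none of the tables would otherwise surface as a
            // NullPointerException at x9.getCurve(); report it as a decoding error instead.
            if (x9 == null) {
                throw new IOException("unrecognised named curve in key: " + oid);
            }
        } else {
            // Explicitly encoded curve parameters are taken as supplied.
            // NOTE(review): nothing visible here checks them against a known curve; code that
            // accepts keys from untrusted sources should confirm where that check happens.
            x9 = X9ECParameters.getInstance(params.getParameters());
        }
        ASN1OctetString key = new DEROctetString(keyInfo.getPublicKeyData().getBytes());
        X9ECPoint derQ = new X9ECPoint(x9.getCurve(), key);
        // TODO We lose any named parameters here
        ECDomainParameters dParams = new ECDomainParameters(x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
        return new ECPublicKeyParameters(derQ.getPoint(), dParams);
    } else {
        throw new RuntimeException("algorithm identifier in key not recognised");
    }
}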
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DHPublicKeyParameters(org.bouncycastle.crypto.params.DHPublicKeyParameters) ECDomainParameters(org.bouncycastle.crypto.params.ECDomainParameters) DHPublicKey(org.bouncycastle.asn1.x9.DHPublicKey) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) DHValidationParms(org.bouncycastle.asn1.x9.DHValidationParms) ECPublicKeyParameters(org.bouncycastle.crypto.params.ECPublicKeyParameters) RSAKeyParameters(org.bouncycastle.crypto.params.RSAKeyParameters) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) X962Parameters(org.bouncycastle.asn1.x9.X962Parameters) RSAPublicKey(org.bouncycastle.asn1.pkcs.RSAPublicKey) DHValidationParameters(org.bouncycastle.crypto.params.DHValidationParameters) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) DSAParameter(org.bouncycastle.asn1.x509.DSAParameter) DHParameter(org.bouncycastle.asn1.pkcs.DHParameter) DSAPublicKeyParameters(org.bouncycastle.crypto.params.DSAPublicKeyParameters) DHParameters(org.bouncycastle.crypto.params.DHParameters) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint) X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint) BigInteger(java.math.BigInteger) DHDomainParameters(org.bouncycastle.asn1.x9.DHDomainParameters) DSAParameters(org.bouncycastle.crypto.params.DSAParameters) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)139 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)73 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)59 IOException (java.io.IOException)37 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)34 DEROctetString (org.bouncycastle.asn1.DEROctetString)32 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)29 DERIA5String (org.bouncycastle.asn1.DERIA5String)28 DERSequence (org.bouncycastle.asn1.DERSequence)25 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)21 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)21 ArrayList (java.util.ArrayList)20 GeneralName (org.bouncycastle.asn1.x509.GeneralName)19 X509Certificate (java.security.cert.X509Certificate)17 HashSet (java.util.HashSet)17 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)17 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)17 BigInteger (java.math.BigInteger)16 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)16 DERBMPString (org.bouncycastle.asn1.DERBMPString)15