Example 31 with AlgorithmIdentifier
use of com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier in project XobotOS by xamarin.
the class JCEECPrivateKey method getEncoded.
/**
* Return a PKCS8 representation of the key. The sequence returned
* represents a full PrivateKeyInfo object.
*
* @return a PKCS8 representation of the key.
*/
public byte[] getEncoded() {
X962Parameters params;
if (ecSpec instanceof ECNamedCurveSpec) {
DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec) ecSpec).getName());
if (// guess it's the OID
curveOid == null) {
curveOid = new DERObjectIdentifier(((ECNamedCurveSpec) ecSpec).getName());
}
params = new X962Parameters(curveOid);
} else if (ecSpec == null) {
params = new X962Parameters(DERNull.INSTANCE);
} else {
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(curve, EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed());
params = new X962Parameters(ecP);
}
PrivateKeyInfo info;
ECPrivateKeyStructure keyStructure;
if (publicKey != null) {
keyStructure = new ECPrivateKeyStructure(this.getS(), publicKey, params);
} else {
keyStructure = new ECPrivateKeyStructure(this.getS(), params);
}
// BEGIN android-removed
// if (algorithm.equals("ECGOST3410"))
// {
// info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.getDERObject()), keyStructure.getDERObject());
// }
// else
// END android-removed
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), keyStructure.getDERObject());
}
return info.getDEREncoded();
}
Also used :
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
ECCurve(org.bouncycastle.math.ec.ECCurve)
ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 32 with AlgorithmIdentifier
use of com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier in project XobotOS by xamarin.
the class PublicKeyFactory method createKey.
/**
* Create a public key from the passed in SubjectPublicKeyInfo
*
* @param keyInfo the SubjectPublicKeyInfo containing the key data
* @return the appropriate key parameter
* @throws IOException on an error decoding the key
*/
public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo) throws IOException {
AlgorithmIdentifier algId = keyInfo.getAlgorithmId();
if (algId.getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption) || algId.getObjectId().equals(X509ObjectIdentifiers.id_ea_rsa)) {
RSAPublicKeyStructure pubKey = new RSAPublicKeyStructure((ASN1Sequence) keyInfo.getPublicKey());
return new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent());
} else if (algId.getObjectId().equals(X9ObjectIdentifiers.dhpublicnumber)) {
DHPublicKey dhPublicKey = DHPublicKey.getInstance(keyInfo.getPublicKey());
BigInteger y = dhPublicKey.getY().getValue();
DHDomainParameters dhParams = DHDomainParameters.getInstance(keyInfo.getAlgorithmId().getParameters());
BigInteger p = dhParams.getP().getValue();
BigInteger g = dhParams.getG().getValue();
BigInteger q = dhParams.getQ().getValue();
BigInteger j = null;
if (dhParams.getJ() != null) {
j = dhParams.getJ().getValue();
}
DHValidationParameters validation = null;
DHValidationParms dhValidationParms = dhParams.getValidationParms();
if (dhValidationParms != null) {
byte[] seed = dhValidationParms.getSeed().getBytes();
BigInteger pgenCounter = dhValidationParms.getPgenCounter().getValue();
// TODO Check pgenCounter size?
validation = new DHValidationParameters(seed, pgenCounter.intValue());
}
return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation));
} else if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement)) {
DHParameter params = new DHParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters());
DERInteger derY = (DERInteger) keyInfo.getPublicKey();
BigInteger lVal = params.getL();
int l = lVal == null ? 0 : lVal.intValue();
DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
return new DHPublicKeyParameters(derY.getValue(), dhParams);
} else // END android-removed
if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa) || algId.getObjectId().equals(OIWObjectIdentifiers.dsaWithSHA1)) {
DERInteger derY = (DERInteger) keyInfo.getPublicKey();
DEREncodable de = keyInfo.getAlgorithmId().getParameters();
DSAParameters parameters = null;
if (de != null) {
DSAParameter params = DSAParameter.getInstance(de.getDERObject());
parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
}
return new DSAPublicKeyParameters(derY.getValue(), parameters);
} else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
X962Parameters params = new X962Parameters((DERObject) keyInfo.getAlgorithmId().getParameters());
ECDomainParameters dParams = null;
if (params.isNamedCurve()) {
DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters();
X9ECParameters ecP = X962NamedCurves.getByOID(oid);
if (ecP == null) {
ecP = SECNamedCurves.getByOID(oid);
if (ecP == null) {
ecP = NISTNamedCurves.getByOID(oid);
// BEGIN android-removed
// if (ecP == null)
// {
// ecP = TeleTrusTNamedCurves.getByOID(oid);
// }
// END android-removed
}
}
dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
} else {
X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters());
dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
}
DERBitString bits = keyInfo.getPublicKeyData();
byte[] data = bits.getBytes();
ASN1OctetString key = new DEROctetString(data);
X9ECPoint derQ = new X9ECPoint(dParams.getCurve(), key);
return new ECPublicKeyParameters(derQ.getPoint(), dParams);
} else {
throw new RuntimeException("algorithm identifier in key not recognised");
}
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DHPublicKeyParameters(org.bouncycastle.crypto.params.DHPublicKeyParameters)
ECDomainParameters(org.bouncycastle.crypto.params.ECDomainParameters)
DHPublicKey(org.bouncycastle.asn1.x9.DHPublicKey)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
DHValidationParms(org.bouncycastle.asn1.x9.DHValidationParms)
ECPublicKeyParameters(org.bouncycastle.crypto.params.ECPublicKeyParameters)
RSAKeyParameters(org.bouncycastle.crypto.params.RSAKeyParameters)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DERInteger(org.bouncycastle.asn1.DERInteger)
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
RSAPublicKeyStructure(org.bouncycastle.asn1.x509.RSAPublicKeyStructure)
DHValidationParameters(org.bouncycastle.crypto.params.DHValidationParameters)
DSAParameter(org.bouncycastle.asn1.x509.DSAParameter)
DHParameter(org.bouncycastle.asn1.pkcs.DHParameter)
DSAPublicKeyParameters(org.bouncycastle.crypto.params.DSAPublicKeyParameters)
DHParameters(org.bouncycastle.crypto.params.DHParameters)
DERBitString(org.bouncycastle.asn1.DERBitString)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint)
X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint)
DEREncodable(org.bouncycastle.asn1.DEREncodable)
BigInteger(java.math.BigInteger)
DHDomainParameters(org.bouncycastle.asn1.x9.DHDomainParameters)
DSAParameters(org.bouncycastle.crypto.params.DSAParameters)
Example 33 with AlgorithmIdentifier
use of com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier in project nhin-d by DirectProject.
the class SplitProviderDirectSignedDataGenerator method generate.
/**
* {@inheritDoc}
*/
@Override
public CMSSignedData generate(String signedContentType, CMSProcessable content, boolean encapsulate, String sigProvider, boolean addDefaultAttributes) throws NoSuchAlgorithmException, NoSuchProviderException, CMSException {
final ASN1EncodableVector digestAlgs = new ASN1EncodableVector();
final ASN1EncodableVector signerInfos = new ASN1EncodableVector();
// clear the current preserved digest state
_digests.clear();
//
// add the SignerInfo objects
//
DERObjectIdentifier contentTypeOID;
boolean isCounterSignature;
if (signedContentType != null) {
contentTypeOID = new DERObjectIdentifier(signedContentType);
isCounterSignature = false;
} else {
contentTypeOID = CMSObjectIdentifiers.data;
isCounterSignature = true;
}
for (DirectTargetedSignerInf signer : privateSigners) {
AlgorithmIdentifier digAlgId;
try {
digAlgId = new AlgorithmIdentifier(new DERObjectIdentifier(signer.digestOID), new DERNull());
digestAlgs.add(digAlgId);
try {
signerInfos.add(signer.toSignerInfo(contentTypeOID, content, rand, sigProvider, digestProvider, addDefaultAttributes, isCounterSignature));
} catch (ClassCastException e) {
// try again with the digest provider... the key may need to use a different provider than the sig provider
signerInfos.add(signer.toSignerInfo(contentTypeOID, content, rand, digestProvider, digestProvider, addDefaultAttributes, isCounterSignature));
}
} catch (IOException e) {
throw new CMSException("encoding error.", e);
} catch (InvalidKeyException e) {
throw new CMSException("key inappropriate for signature.", e);
} catch (SignatureException e) {
throw new CMSException("error creating signature.", e);
} catch (CertificateEncodingException e) {
throw new CMSException("error creating sid.", e);
}
}
ASN1Set certificates = null;
if (_certs.size() != 0) {
certificates = createBerSetFromList(_certs);
}
ASN1Set certrevlist = null;
if (_crls.size() != 0) {
certrevlist = createBerSetFromList(_crls);
}
ContentInfo encInfo;
if (encapsulate) {
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
try {
content.write(bOut);
} catch (IOException e) {
throw new CMSException("encapsulation error.", e);
}
ASN1OctetString octs = new BERConstructedOctetString(bOut.toByteArray());
encInfo = new ContentInfo(contentTypeOID, octs);
} else {
encInfo = new ContentInfo(contentTypeOID, null);
}
SignedData sd = new SignedData(new DERSet(digestAlgs), encInfo, certificates, certrevlist, new DERSet(signerInfos));
ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.signedData, sd);
return new CMSSignedData(content, contentInfo);
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
SignedData(org.bouncycastle.asn1.cms.SignedData)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
IOException(java.io.IOException)
SignatureException(java.security.SignatureException)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
InvalidKeyException(java.security.InvalidKeyException)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
DERSet(org.bouncycastle.asn1.DERSet)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
ASN1Set(org.bouncycastle.asn1.ASN1Set)
ContentInfo(org.bouncycastle.asn1.cms.ContentInfo)
DERNull(org.bouncycastle.asn1.DERNull)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString)
CMSException(org.bouncycastle.cms.CMSException)
Example 34 with AlgorithmIdentifier
use of com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier in project android_frameworks_base by DirtyUnicorns.
the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.
@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
ASN1ObjectIdentifier sigAlgOid;
AlgorithmIdentifier sigAlgId;
byte[] signature;
switch(mKeymasterAlgorithm) {
case KeymasterDefs.KM_ALGORITHM_EC:
sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
sigAlgId = new AlgorithmIdentifier(sigAlgOid);
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(new DERInteger(0));
signature = new DERSequence().getEncoded();
break;
case KeymasterDefs.KM_ALGORITHM_RSA:
sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
signature = new byte[1];
break;
default:
throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
}
try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
}
tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
tbsGenerator.setSubject(subject);
tbsGenerator.setIssuer(subject);
tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
tbsGenerator.setSignature(sigAlgId);
TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
ASN1EncodableVector result = new ASN1EncodableVector();
result.add(tbsCertificate);
result.add(sigAlgId);
result.add(new DERBitString(signature));
return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}
Also used :
ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream)
ProviderException(java.security.ProviderException)
Time(com.android.org.bouncycastle.asn1.x509.Time)
DERBitString(com.android.org.bouncycastle.asn1.DERBitString)
ASN1Integer(com.android.org.bouncycastle.asn1.ASN1Integer)
AlgorithmIdentifier(com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DERInteger(com.android.org.bouncycastle.asn1.DERInteger)
DERSequence(com.android.org.bouncycastle.asn1.DERSequence)
X509CertificateObject(com.android.org.bouncycastle.jce.provider.X509CertificateObject)
X509Principal(com.android.org.bouncycastle.jce.X509Principal)
ASN1EncodableVector(com.android.org.bouncycastle.asn1.ASN1EncodableVector)
V3TBSCertificateGenerator(com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator)
TBSCertificate(com.android.org.bouncycastle.asn1.x509.TBSCertificate)
ASN1ObjectIdentifier(com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 35 with AlgorithmIdentifier
use of com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier in project platformlayer by platformlayer.
the class Csr method buildCsr.
public static Csr buildCsr(KeyPair keyPair, X500Principal subjectName) {
X500Name subject = BouncyCastleHelpers.toX500Name(subjectName);
SubjectPublicKeyInfo publicKeyInfo = BouncyCastleHelpers.toSubjectPublicKeyInfo(keyPair.getPublic());
PKCS10CertificationRequestBuilder csrBuilder = new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
BcRSAContentSignerBuilder sigBuild = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
ContentSigner signer;
try {
signer = sigBuild.build(BouncyCastleHelpers.toAsymmetricKeyParameter(keyPair.getPrivate()));
} catch (OperatorCreationException e) {
throw new IllegalArgumentException("Error building content signer", e);
}
PKCS10CertificationRequest csrHolder = csrBuilder.build(signer);
return new Csr(csrHolder);
}
Also used :
PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest)
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
ContentSigner(org.bouncycastle.operator.ContentSigner)
PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder)
X500Name(org.bouncycastle.asn1.x500.X500Name)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
Aggregations
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)31
IOException (java.io.IOException)18
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)11
DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)11
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)10
X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)10
X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)10
BigInteger (java.math.BigInteger)9
X509Certificate (java.security.cert.X509Certificate)8
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)8
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)7
GeneralSecurityException (java.security.GeneralSecurityException)6
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)6
ECNamedCurveSpec (org.bouncycastle.jce.spec.ECNamedCurveSpec)6
ECCurve (org.bouncycastle.math.ec.ECCurve)6
ASN1EncodableVector (com.android.org.bouncycastle.asn1.ASN1EncodableVector)5
ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)5
ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer)5
ASN1ObjectIdentifier (com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)5
