use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project Ethernity-Wallet-Android by kris-krytech.
the class TestAttestation method makeUnsignedx509Att.
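/**
 * Builds an unsigned attestation fixture populated with X.509 v3 style fields and
 * asserts that {@code isValidX509()} accepts it before returning it.
 *
 * <p>All values (serial number, issuer, subject, extension payload) are fixed test
 * data; only the validity window depends on the current time.
 *
 * @return the populated, still unsigned attestation
 */
private Attestation makeUnsignedx509Att() {
    Attestation att = new Attestation();
    // X.509 encodes the version zero-based, so 2 means v3
    att.setVersion(2);
    att.setSerialNumber(42);
    att.setSignature(OID_SHA256ECDSA);
    att.setIssuer("CN=ALX");
    // Derive both ends of the validity window from one clock reading so the
    // window is exactly one hour long.
    Date now = new Date();
    att.setNotValidBefore(now);
    att.setNotValidAfter(new Date(now.getTime() + 3600000));
    att.setSubject("CN=0x2042424242424564648");
    // NOTE(review): the signature-algorithm OID is reused here as the key algorithm
    // identifier - confirm this is what setSubjectPublicKeyInfo expects.
    att.setSubjectPublicKeyInfo(OID_SHA256ECDSA, subjectKeys.getPublic().getEncoded());
    ASN1EncodableVector extensions = new ASN1EncodableVector();
    extensions.add(new ASN1ObjectIdentifier(Attestation.OID_OCTETSTRING));
    extensions.add(ASN1Boolean.TRUE);
    // Fixed charset keeps the encoded fixture identical on every platform.
    extensions.add(new DEROctetString("hello world".getBytes(java.nio.charset.StandardCharsets.UTF_8)));
    // Double Sequence is needed to be compatible with X509V3
    att.setExtensions(new DERSequence(new DERSequence(extensions)));
    Assert.assertTrue(att.isValidX509());
    return att;
}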
use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project pulsar by yahoo.
the class MessageCryptoBc method loadPublicKey.
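/**
 * Parses PEM text into a {@link PublicKey}.
 *
 * <p>The input may start with an EC parameters object (a named-curve OID or explicit
 * {@code X9ECParameters}); the object that follows must be a
 * {@code SubjectPublicKeyInfo} or an X.509 certificate, from which the public key is
 * taken. When EC parameters were present and the key algorithm equals {@code ECDSA},
 * the key is rebuilt with those parameters.
 *
 * @param keyBytes PEM-encoded key material
 * @return the decoded public key
 * @throws Exception wrapping the underlying I/O, algorithm, provider or key-spec
 *         failure, including PEM input that holds no public key or certificate
 */
private PublicKey loadPublicKey(byte[] keyBytes) throws Exception {
    // Decode with a fixed charset instead of the platform default.
    Reader keyReader = new StringReader(new String(keyBytes, java.nio.charset.StandardCharsets.UTF_8));
    PublicKey publicKey = null;
    try (PEMParser pemReader = new PEMParser(keyReader)) {
        Object pemObj = pemReader.readObject();
        JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
        SubjectPublicKeyInfo keyInfo = null;
        X9ECParameters ecParam = null;
        if (pemObj instanceof ASN1ObjectIdentifier) {
            // make sure this is EC Parameter we're handling. In which case
            // we'll store it and read the next object which should be our
            // EC Public Key
            ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier) pemObj;
            ecParam = ECNamedCurveTable.getByOID(ecOID);
            if (ecParam == null) {
                throw new PEMException("Unable to find EC Parameter for the given curve oid: " + ecOID.getId());
            }
            pemObj = pemReader.readObject();
        } else if (pemObj instanceof X9ECParameters) {
            ecParam = (X9ECParameters) pemObj;
            pemObj = pemReader.readObject();
        }
        if (pemObj instanceof X509CertificateHolder) {
            keyInfo = ((X509CertificateHolder) pemObj).getSubjectPublicKeyInfo();
        } else if (pemObj instanceof SubjectPublicKeyInfo) {
            keyInfo = (SubjectPublicKeyInfo) pemObj;
        } else {
            // Fail with a descriptive error instead of a ClassCastException or a
            // NullPointerException further down. Only the type name is reported,
            // never the parsed content.
            throw new PEMException("Expected a public key or certificate in PEM input but found: "
                    + (pemObj == null ? "nothing" : pemObj.getClass().getName()));
        }
        publicKey = pemConverter.getPublicKey(keyInfo);
        if (ecParam != null && ECDSA.equals(publicKey.getAlgorithm())) {
            // NOTE(review): the domain parameters come from the separate EC parameters
            // object, not from the key structure itself - confirm the PEM source is
            // trusted or that both describe the same curve.
            ECParameterSpec ecSpec = new ECParameterSpec(ecParam.getCurve(), ecParam.getG(), ecParam.getN(),
                    ecParam.getH(), ecParam.getSeed());
            KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BouncyCastleProvider.PROVIDER_NAME);
            // NOTE(review): this cast assumes the converter returned a BouncyCastle EC key - confirm.
            ECPublicKeySpec keySpec = new ECPublicKeySpec(((BCECPublicKey) publicKey).getQ(), ecSpec);
            publicKey = keyFactory.generatePublic(keySpec);
        }
    } catch (IOException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
        throw new Exception(e);
    }
    return publicKey;
}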
use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project oxAuth by GluuFederation.
the class RSAKeyFactory method generateV3Certificate.
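/**
 * Generates a self-signed X.509 v3 certificate for this factory's key pair.
 *
 * <p>Issuer and subject are both {@code dnName}, the certificate is signed with the
 * key pair's own private key, and a non-critical extended key usage extension is
 * added.
 *
 * @param startDate start of the validity period
 * @param expirationDate end of the validity period
 * @param dnName distinguished name used as both issuer and subject
 * @return the generated certificate together with the signature algorithm
 * @throws OperatorCreationException if the content signer cannot be built
 * @throws CertificateException if the built certificate cannot be converted
 * @throws CertIOException if the extension cannot be added
 */
public Certificate generateV3Certificate(Date startDate, Date expirationDate, String dnName) throws OperatorCreationException, CertificateException, CertIOException {
    // RFC 5280 section 4.1.2.2: serial numbers must be positive and at most 20 octets.
    // 158 random bits plus one stays within that limit and is never zero; the previous
    // 1024-bit value could encode to far more than 20 octets.
    BigInteger serialNumber = new BigInteger(158, new SecureRandom()).add(BigInteger.ONE);
    X500Name name = new X500Name(dnName);
    JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(name, serialNumber, startDate, expirationDate, name, keyPair.getPublic());
    ASN1EncodableVector purposes = new ASN1EncodableVector();
    purposes.add(KeyPurposeId.id_kp_serverAuth);
    purposes.add(KeyPurposeId.id_kp_clientAuth);
    // NOTE(review): anyExtendedKeyUsage makes the two specific purposes above redundant;
    // drop it if the certificate should be limited to TLS server and client authentication.
    purposes.add(KeyPurposeId.anyExtendedKeyUsage);
    // 2.5.29.37 is the extended key usage extension; it is added as non-critical.
    ASN1ObjectIdentifier extendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37").intern();
    certGen.addExtension(extendedKeyUsage, false, new DERSequence(purposes));
    X509CertificateHolder certHolder = certGen.build(new JcaContentSignerBuilder(signatureAlgorithm.getAlgorithm()).setProvider(SecurityProviderUtility.getBCProviderName()).build(keyPair.getPrivate()));
    X509Certificate x509Certificate = new JcaX509CertificateConverter().setProvider(SecurityProviderUtility.getBCProviderName()).getCertificate(certHolder);
    return new Certificate(signatureAlgorithm, x509Certificate);
}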
use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project ats-framework by Axway.
the class SMimePackageEncryptor method encrypt.
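/**
 * Encrypts a MIME package as an S/MIME enveloped message for the certificate stored
 * under {@code aliasOrCN} in the configured keystore.
 *
 * <p>The headers of the original message are copied onto the new outer message, so
 * they are not part of the encrypted body part. The content encryption algorithm is
 * {@code encryptionCipher}, or AES-128-CBC when none was set.
 *
 * @param source the package to encrypt
 * @return a new package holding the encrypted message
 * @throws ActionException if any step fails, including a missing recipient certificate
 */
@PublicAtsApi
public Package encrypt(Package source) throws ActionException {
    try {
        MimeMessage encryptedMessage = new MimeMessage(Session.getInstance(new Properties()));
        MimeMessage originalMessage = getMimeMessage(source);
        // Carry the original headers over to the outer message.
        Enumeration<?> hdrEnum = originalMessage.getAllHeaders();
        while (hdrEnum.hasMoreElements()) {
            Header current = (Header) hdrEnum.nextElement();
            encryptedMessage.setHeader(current.getName(), current.getValue());
        }
        KeyStore ks = getKeystore();
        Certificate cer = ks.getCertificate(aliasOrCN);
        // getCertificate returns null for an unknown alias; report that directly
        // instead of failing later with a NullPointerException or ClassCastException.
        if (!(cer instanceof X509Certificate)) {
            throw new IllegalStateException("No X.509 certificate found in the keystore for alias '" + aliasOrCN + "'");
        }
        SMIMEEnvelopedGenerator encrypter = new SMIMEEnvelopedGenerator();
        encrypter.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator((X509Certificate) cer).setProvider(BouncyCastleProvider.PROVIDER_NAME));
        // Default was CMSAlgorithm.RC2_CBC before. A CBC content cipher in enveloped
        // data gives confidentiality only, not integrity protection.
        ASN1ObjectIdentifier encryption = (encryptionCipher != null) ? encryptionCipher : CMSAlgorithm.AES128_CBC;
        MimeBodyPart mp = encrypter.generate(originalMessage, new JceCMSContentEncryptorBuilder(encryption).setProvider(BouncyCastleProvider.PROVIDER_NAME).build());
        encryptedMessage.setContent(mp.getContent(), mp.getContentType());
        // Headers of the encrypted part override same-named headers copied above.
        Enumeration<?> mpEnum = mp.getAllHeaders();
        while (mpEnum.hasMoreElements()) {
            Header current = (Header) mpEnum.nextElement();
            encryptedMessage.setHeader(current.getName(), current.getValue());
        }
        encryptedMessage.saveChanges();
        return new MimePackage(encryptedMessage);
    } catch (Exception e) {
        throw new ActionException(ENCRYPTION_EXCEPTION, e);
    }
}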
use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project acme4j by shred.
the class CSRBuilder method addValue.
/**
 * Sets a subject entry of the CSR, identified by its attribute name.
 * <p>
 * The ACME server decides at its own discretion whether it accepts this entry.
 *
 * @param attName
 *            The BCStyle attribute name, must not be {@code null}
 * @param value
 *            The value to set for that attribute
 * @since 2.14
 */
public void addValue(String attName, String value) {
    // Reject a null name up front with a descriptive message.
    String checkedName = requireNonNull(attName, "attribute name must not be null");
    // Resolve the name to its OID using the default X.500 name style.
    ASN1ObjectIdentifier resolvedOid = X500Name.getDefaultStyle().attrNameToOID(checkedName);
    addValue(resolvedOid, value);
}