
Example 31 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project ldapsdk by pingidentity.

the class PKCS8PrivateKey method wrapRSAPrivateKey.

/**
 * Builds a PKCS #8 encoding around a bare RSA private key.
 * <p>
 * The result is a sequence holding, in order: the version integer
 * ({@code PKCS8PrivateKeyVersion.V1}), an algorithm identifier sequence that
 * contains only the RSA OID, and the supplied key bytes as an octet string.
 * The key bytes are embedded exactly as given; this method does not parse or
 * validate them.
 *
 * @param  rsaPrivateKeyBytes  The encoded RSA private key to embed, without
 *                             any PKCS #8 wrapper.
 *
 * @return  The encoded PKCS #8 structure containing the provided key.
 *
 * @throws  CertException  If any step of building or encoding the structure
 *                         fails.  The original exception is kept as the
 *                         cause.
 */
@NotNull()
static byte[] wrapRSAPrivateKey(@NotNull final byte[] rsaPrivateKeyBytes) throws CertException {
    try {
        final ASN1Element version = new ASN1Integer(PKCS8PrivateKeyVersion.V1.getIntValue());
        // NOTE(review): the algorithm identifier carries the OID only, with no
        // parameters element.  RFC 8017 specifies NULL parameters for
        // rsaEncryption; confirm that every consumer of this encoding accepts
        // the parameters being absent.
        final ASN1Element algorithmIdentifier =
                new ASN1Sequence(new ASN1ObjectIdentifier(PublicKeyAlgorithmIdentifier.RSA.getOID()));
        final ASN1Element privateKey = new ASN1OctetString(rsaPrivateKeyBytes);
        return new ASN1Sequence(version, algorithmIdentifier, privateKey).encode();
    } catch (final Exception wrapFailure) {
        // Record the failure for debugging, then surface it as the checked
        // exception type this API declares.
        Debug.debugException(wrapFailure);
        final String detail = StaticUtils.getExceptionMessage(wrapFailure);
        throw new CertException(ERR_PRIVATE_KEY_WRAP_RSA_KEY_ERROR.get(detail), wrapFailure);
    }
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Element(com.unboundid.asn1.ASN1Element) ArrayList(java.util.ArrayList) ASN1Integer(com.unboundid.asn1.ASN1Integer) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) GeneralSecurityException(java.security.GeneralSecurityException) NotNull(com.unboundid.util.NotNull)

Example 32 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project gdmatrix by gdmatrix.

the class P7MUtils method printAttribute.

/**
 * Prints the first value of an attribute to standard output.
 * <p>
 * The runtime class of the value is always printed. An octet string is then
 * printed as UTF-16LE text, a UTC time as its adjusted time string, and an
 * object identifier as its dotted id. Any other type produces no further
 * output. Only the value at index 0 is examined; other values in the set are
 * not read.
 * <p>
 * The decoded text is written as-is. When the attribute comes from a message
 * that has not been verified, the output is attacker-influenced and should be
 * treated that way by anything that consumes it.
 *
 * @param attribute the attribute whose first value is printed
 * @throws Exception if the value cannot be read or decoded
 */
public static void printAttribute(Attribute attribute) throws Exception {
    ASN1Set values = attribute.getAttrValues();
    ASN1Primitive first = values.getObjectAt(0).toASN1Primitive();
    System.out.println(first.getClass());

    if (first instanceof DEROctetString) {
        byte[] raw = ((DEROctetString) first).getOctets();
        System.out.println(new String(raw, "UTF-16LE"));
        return;
    }
    if (first instanceof ASN1UTCTime) {
        System.out.println(((ASN1UTCTime) first).getAdjustedTime());
        return;
    }
    if (first instanceof ASN1ObjectIdentifier) {
        System.out.println(((ASN1ObjectIdentifier) first).getId());
    }
}
Also used : ASN1Set(org.bouncycastle.asn1.ASN1Set) ASN1UTCTime(org.bouncycastle.asn1.ASN1UTCTime) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 33 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project gdmatrix by gdmatrix.

the class CMSUtils method createTimeStampRequest.

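/**
 * Builds a time-stamp request whose message imprint is the digest of
 * {@code message}.
 * <p>
 * The digest is computed with the algorithm named by {@code digestAlgorithm},
 * which is also the algorithm declared in the imprint, so the declared
 * algorithm and the hash bytes always agree. The previous implementation
 * always hashed with SHA-1 regardless of the declared algorithm.
 *
 * @param message         the data to be time-stamped; it is hashed, not sent
 * @param nonce           optional nonce text, or {@code null} for no nonce
 * @param requireCert     whether the request asks for the signer certificate
 * @param extensions      optional request extensions, passed through as given
 * @param digestAlgorithm dotted OID string of the digest algorithm; it must be
 *                        resolvable by {@link MessageDigest#getInstance(String)}
 * @param timestampPolicy optional dotted OID string of the requested policy,
 *                        or {@code null} for none
 * @return the assembled request
 * @throws NoSuchAlgorithmException if no installed provider offers a digest
 *                                  for {@code digestAlgorithm}
 */
public static TimeStampReq createTimeStampRequest(byte[] message, String nonce, boolean requireCert, Extensions extensions, String digestAlgorithm, String timestampPolicy) throws NoSuchAlgorithmException {
    // Hash with the same algorithm that the imprint advertises. A fixed SHA-1
    // digest labelled with a different OID yields an imprint that does not
    // match its own algorithm identifier.
    MessageDigest md = MessageDigest.getInstance(digestAlgorithm);
    byte[] hashedMsg = md.digest(message);
    ASN1ObjectIdentifier identifier = new ASN1ObjectIdentifier(digestAlgorithm);
    org.bouncycastle.asn1.tsp.MessageImprint imprint = new org.bouncycastle.asn1.tsp.MessageImprint(new AlgorithmIdentifier(identifier), hashedMsg);

    ASN1ObjectIdentifier policyId = timestampPolicy != null ? new ASN1ObjectIdentifier(timestampPolicy) : null;
    // NOTE(review): the nonce text is converted with the platform default
    // charset and the resulting bytes become the integer value. Confirm that
    // callers supply an unpredictable nonce and that the response check
    // derives the expected value the same way.
    ASN1Integer nonceValue = nonce != null ? new ASN1Integer(nonce.getBytes()) : null;

    return new TimeStampReq(imprint, policyId, nonceValue, ASN1Boolean.getInstance(requireCert), extensions);
}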
Also used : TimeStampReq(org.bouncycastle.asn1.tsp.TimeStampReq) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) MessageDigest(java.security.MessageDigest) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 34 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project laverca by laverca.

the class Pkcs7 method bytesToPkcs7SignedData.

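/**
 * Convert a byte array to a PKCS7 SignedData object.
 * <p>
 * The bytes are parsed as a ContentInfo whose content type must be
 * signedData. Only the first encoded object in the array is read; any bytes
 * that follow it are not examined. This method parses the structure only and
 * performs no signature verification.
 *
 * @param bytes encoded PKCS7 ContentInfo
 * @return PKCS7 SignedData object
 * @throws IllegalArgumentException if {@code bytes} is null, holds no
 *         parsable object, or its content type is not signedData
 */
public static SignedData bytesToPkcs7SignedData(byte[] bytes) {
    if (bytes == null) {
        throw new IllegalArgumentException("null bytes");
    }
    ASN1InputStream ais = new ASN1InputStream(bytes);
    ASN1Object asn1;
    try {
        asn1 = ais.readObject();
    } catch (IOException ioe) {
        // Keep the parser's exception as the cause so the reason for the
        // rejection is not lost.
        throw new IllegalArgumentException("not a pkcs7 signature", ioe);
    } finally {
        try {
            ais.close();
        } catch (IOException ignored) {
            // Nothing to recover: the stream only wraps the in-memory array.
        }
    }
    if (asn1 == null) {
        // No object was read (for example, an empty array). Reject it here
        // rather than failing later with a NullPointerException.
        throw new IllegalArgumentException("not a pkcs7 signature");
    }
    ContentInfo ci = ContentInfo.getInstance(asn1);
    ASN1ObjectIdentifier typeId = ci.getContentType();
    if (!typeId.equals(PKCSObjectIdentifiers.signedData)) {
        throw new IllegalArgumentException("not a pkcs7 signature");
    }
    return SignedData.getInstance(ci.getContent());
}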
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) ContentInfo(org.bouncycastle.asn1.pkcs.ContentInfo) IOException(java.io.IOException) ASN1Object(org.bouncycastle.asn1.ASN1Object) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 35 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project webauthn4j by webauthn4j.

the class PackedAttestationStatementValidatorTest method generateCertPath.

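/**
 * Creates a single-certificate attestation path for use in tests.
 * <p>
 * The certificate is self-signed: the same name is used as issuer and
 * subject, and it is signed with the private key of {@code pair}. It is valid
 * from now for one day, has serial number zero, and carries a critical
 * basicConstraints extension marking it as a non-CA certificate. These values
 * are fixed test data and are not suitable for a real attestation
 * certificate.
 *
 * @param pair    key pair supplying the certified public key and the signing
 *                private key
 * @param signAlg signature algorithm name passed to the content signer
 * @return a path containing only the generated certificate
 * @throws UnexpectedCheckedException if signer creation, extension encoding
 *         or certificate conversion fails
 */
private static AttestationCertificatePath generateCertPath(KeyPair pair, String signAlg) {
    try {
        // The provider is used for the conversion below only; it is not
        // registered in the global provider list.
        Provider bcProvider = new BouncyCastleProvider();
        Date from = new Date(System.currentTimeMillis());
        Date to = new Date(from.getTime() + TimeUnit.DAYS.toMillis(1));
        X500Name dnName = new X500Name("C=ORG, O=Dummy Org, OU=Authenticator Attestation, CN=Dummy");
        BigInteger certSerialNumber = BigInteger.ZERO;
        ContentSigner contentSigner = new JcaContentSignerBuilder(signAlg).build(pair.getPrivate());
        JcaX509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(dnName, certSerialNumber, from, to, dnName, pair.getPublic());
        // 2.5.29.19 is the basicConstraints extension; false means "not a CA".
        BasicConstraints basicConstraints = new BasicConstraints(false);
        certBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, basicConstraints);
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(bcProvider).getCertificate(certBuilder.build(contentSigner));
        return new AttestationCertificatePath(Collections.singletonList(certificate));
    } catch (OperatorCreationException | CertificateException | CertIOException e) {
        throw new UnexpectedCheckedException(e);
    }
}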
Also used : UnexpectedCheckedException(com.webauthn4j.util.exception.UnexpectedCheckedException) AttestationCertificatePath(com.webauthn4j.data.attestation.statement.AttestationCertificatePath) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) Calendar(java.util.Calendar) ContentSigner(org.bouncycastle.operator.ContentSigner) CertificateException(java.security.cert.CertificateException) X500Name(org.bouncycastle.asn1.x500.X500Name) CertIOException(org.bouncycastle.cert.CertIOException) Date(java.util.Date) X509Certificate(java.security.cert.X509Certificate) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) BigInteger(java.math.BigInteger) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)
