Search in sources :

Example 6 with DERBMPString

use of com.github.zhenwei.core.asn1.DERBMPString in project certmgr by hdecarne.

the class PKCS12CertReaderWriter method createKeySafeBagBuilder.

private static PKCS12SafeBagBuilder createKeySafeBagBuilder(String alias, KeyPair key) throws GeneralSecurityException {
    PKCS12SafeBagBuilder safeBagBuilder = new JcaPKCS12SafeBagBuilder(key.getPrivate());
    safeBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString(alias));
    JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils();
    SubjectKeyIdentifier subjectKeyIdentifier = extensionUtils.createSubjectKeyIdentifier(key.getPublic());
    safeBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, subjectKeyIdentifier);
    return safeBagBuilder;
}
Also used : JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils) DERBMPString(org.bouncycastle.asn1.DERBMPString) PKCS12SafeBagBuilder(org.bouncycastle.pkcs.PKCS12SafeBagBuilder) JcaPKCS12SafeBagBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder) SubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectKeyIdentifier) JcaPKCS12SafeBagBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder)

Example 7 with DERBMPString

use of com.github.zhenwei.core.asn1.DERBMPString in project certmgr by hdecarne.

the class PKCS12CertReaderWriter method createKeySafeBagBuilder.

private static PKCS12SafeBagBuilder createKeySafeBagBuilder(String alias, KeyPair key, char[] passwordChars) throws GeneralSecurityException {
    PKCS12SafeBagBuilder safeBagBuilder = new JcaPKCS12SafeBagBuilder(key.getPrivate(), PKCS12_ENCRYPTOR_BUILDER.build(passwordChars));
    safeBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString(alias));
    JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils();
    SubjectKeyIdentifier subjectKeyIdentifier = extensionUtils.createSubjectKeyIdentifier(key.getPublic());
    safeBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, subjectKeyIdentifier);
    return safeBagBuilder;
}
Also used : JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils) DERBMPString(org.bouncycastle.asn1.DERBMPString) PKCS12SafeBagBuilder(org.bouncycastle.pkcs.PKCS12SafeBagBuilder) JcaPKCS12SafeBagBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder) SubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectKeyIdentifier) JcaPKCS12SafeBagBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder)

Example 8 with DERBMPString

use of com.github.zhenwei.core.asn1.DERBMPString in project certmgr by hdecarne.

the class PKCS12CertReaderWriter method createCRTSafeBagBuilder.

private static PKCS12SafeBagBuilder createCRTSafeBagBuilder(String alias, X509Certificate crt, boolean addKeyId) throws IOException, GeneralSecurityException {
    PKCS12SafeBagBuilder safeBagBuilder = new JcaPKCS12SafeBagBuilder(crt);
    safeBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString(alias));
    if (addKeyId) {
        JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils();
        SubjectKeyIdentifier subjectKeyIdentifier = extensionUtils.createSubjectKeyIdentifier(crt.getPublicKey());
        safeBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, subjectKeyIdentifier);
    }
    return safeBagBuilder;
}
Also used : JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils) DERBMPString(org.bouncycastle.asn1.DERBMPString) PKCS12SafeBagBuilder(org.bouncycastle.pkcs.PKCS12SafeBagBuilder) JcaPKCS12SafeBagBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder) SubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectKeyIdentifier) JcaPKCS12SafeBagBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder)

Example 9 with DERBMPString

use of com.github.zhenwei.core.asn1.DERBMPString in project keepass2android by PhilippC.

the class ASN1Dump method _dumpAsString.

/**
 * dump a DER object as a formatted string with indentation
 *
 * @param obj the DERObject to be dumped out.
 */
static void _dumpAsString(String indent, boolean verbose, DERObject obj, StringBuffer buf) {
    String nl = System.getProperty("line.separator");
    if (obj instanceof ASN1Sequence) {
        Enumeration e = ((ASN1Sequence) obj).getObjects();
        String tab = indent + TAB;
        buf.append(indent);
        if (obj instanceof BERConstructedSequence) {
            buf.append("BER ConstructedSequence");
        } else if (obj instanceof DERConstructedSequence) {
            buf.append("DER ConstructedSequence");
        } else if (obj instanceof BERSequence) {
            buf.append("BER Sequence");
        } else if (obj instanceof DERSequence) {
            buf.append("DER Sequence");
        } else {
            buf.append("Sequence");
        }
        buf.append(nl);
        while (e.hasMoreElements()) {
            Object o = e.nextElement();
            if (o == null || o.equals(new DERNull())) {
                buf.append(tab);
                buf.append("NULL");
                buf.append(nl);
            } else if (o instanceof DERObject) {
                _dumpAsString(tab, verbose, (DERObject) o, buf);
            } else {
                _dumpAsString(tab, verbose, ((DEREncodable) o).getDERObject(), buf);
            }
        }
    } else if (obj instanceof DERTaggedObject) {
        String tab = indent + TAB;
        buf.append(indent);
        if (obj instanceof BERTaggedObject) {
            buf.append("BER Tagged [");
        } else {
            buf.append("Tagged [");
        }
        DERTaggedObject o = (DERTaggedObject) obj;
        buf.append(Integer.toString(o.getTagNo()));
        buf.append(']');
        if (!o.isExplicit()) {
            buf.append(" IMPLICIT ");
        }
        buf.append(nl);
        if (o.isEmpty()) {
            buf.append(tab);
            buf.append("EMPTY");
            buf.append(nl);
        } else {
            _dumpAsString(tab, verbose, o.getObject(), buf);
        }
    } else if (obj instanceof DERConstructedSet) {
        Enumeration e = ((ASN1Set) obj).getObjects();
        String tab = indent + TAB;
        buf.append(indent);
        buf.append("ConstructedSet");
        buf.append(nl);
        while (e.hasMoreElements()) {
            Object o = e.nextElement();
            if (o == null) {
                buf.append(tab);
                buf.append("NULL");
                buf.append(nl);
            } else if (o instanceof DERObject) {
                _dumpAsString(tab, verbose, (DERObject) o, buf);
            } else {
                _dumpAsString(tab, verbose, ((DEREncodable) o).getDERObject(), buf);
            }
        }
    } else if (obj instanceof BERSet) {
        Enumeration e = ((ASN1Set) obj).getObjects();
        String tab = indent + TAB;
        buf.append(indent);
        buf.append("BER Set");
        buf.append(nl);
        while (e.hasMoreElements()) {
            Object o = e.nextElement();
            if (o == null) {
                buf.append(tab);
                buf.append("NULL");
                buf.append(nl);
            } else if (o instanceof DERObject) {
                _dumpAsString(tab, verbose, (DERObject) o, buf);
            } else {
                _dumpAsString(tab, verbose, ((DEREncodable) o).getDERObject(), buf);
            }
        }
    } else if (obj instanceof DERSet) {
        Enumeration e = ((ASN1Set) obj).getObjects();
        String tab = indent + TAB;
        buf.append(indent);
        buf.append("DER Set");
        buf.append(nl);
        while (e.hasMoreElements()) {
            Object o = e.nextElement();
            if (o == null) {
                buf.append(tab);
                buf.append("NULL");
                buf.append(nl);
            } else if (o instanceof DERObject) {
                _dumpAsString(tab, verbose, (DERObject) o, buf);
            } else {
                _dumpAsString(tab, verbose, ((DEREncodable) o).getDERObject(), buf);
            }
        }
    } else if (obj instanceof DERObjectIdentifier) {
        buf.append(indent + "ObjectIdentifier(" + ((DERObjectIdentifier) obj).getId() + ")" + nl);
    } else if (obj instanceof DERBoolean) {
        buf.append(indent + "Boolean(" + ((DERBoolean) obj).isTrue() + ")" + nl);
    } else if (obj instanceof DERInteger) {
        buf.append(indent + "Integer(" + ((DERInteger) obj).getValue() + ")" + nl);
    } else if (obj instanceof BERConstructedOctetString) {
        ASN1OctetString oct = (ASN1OctetString) obj;
        buf.append(indent + "BER Constructed Octet String" + "[" + oct.getOctets().length + "] ");
        if (verbose) {
            buf.append(dumpBinaryDataAsString(indent, oct.getOctets()));
        } else {
            buf.append(nl);
        }
    } else if (obj instanceof DEROctetString) {
        ASN1OctetString oct = (ASN1OctetString) obj;
        buf.append(indent + "DER Octet String" + "[" + oct.getOctets().length + "] ");
        if (verbose) {
            buf.append(dumpBinaryDataAsString(indent, oct.getOctets()));
        } else {
            buf.append(nl);
        }
    } else if (obj instanceof DERBitString) {
        DERBitString bt = (DERBitString) obj;
        buf.append(indent + "DER Bit String" + "[" + bt.getBytes().length + ", " + bt.getPadBits() + "] ");
        if (verbose) {
            buf.append(dumpBinaryDataAsString(indent, bt.getBytes()));
        } else {
            buf.append(nl);
        }
    } else if (obj instanceof DERIA5String) {
        buf.append(indent + "IA5String(" + ((DERIA5String) obj).getString() + ") " + nl);
    } else if (obj instanceof DERUTF8String) {
        buf.append(indent + "UTF8String(" + ((DERUTF8String) obj).getString() + ") " + nl);
    } else if (obj instanceof DERPrintableString) {
        buf.append(indent + "PrintableString(" + ((DERPrintableString) obj).getString() + ") " + nl);
    } else if (obj instanceof DERVisibleString) {
        buf.append(indent + "VisibleString(" + ((DERVisibleString) obj).getString() + ") " + nl);
    } else if (obj instanceof DERBMPString) {
        buf.append(indent + "BMPString(" + ((DERBMPString) obj).getString() + ") " + nl);
    } else if (obj instanceof DERT61String) {
        buf.append(indent + "T61String(" + ((DERT61String) obj).getString() + ") " + nl);
    } else if (obj instanceof DERUTCTime) {
        buf.append(indent + "UTCTime(" + ((DERUTCTime) obj).getTime() + ") " + nl);
    } else if (obj instanceof DERGeneralizedTime) {
        buf.append(indent + "GeneralizedTime(" + ((DERGeneralizedTime) obj).getTime() + ") " + nl);
    } else if (obj instanceof DERUnknownTag) {
        buf.append(indent + "Unknown " + Integer.toString(((DERUnknownTag) obj).getTag(), 16) + " " + new String(Hex.encode(((DERUnknownTag) obj).getData())) + nl);
    } else if (obj instanceof BERApplicationSpecific) {
        buf.append(outputApplicationSpecific("BER", indent, verbose, obj, nl));
    } else if (obj instanceof DERApplicationSpecific) {
        buf.append(outputApplicationSpecific("DER", indent, verbose, obj, nl));
    } else if (obj instanceof DEREnumerated) {
        DEREnumerated en = (DEREnumerated) obj;
        buf.append(indent + "DER Enumerated(" + en.getValue() + ")" + nl);
    } else if (obj instanceof DERExternal) {
        DERExternal ext = (DERExternal) obj;
        buf.append(indent + "External " + nl);
        String tab = indent + TAB;
        if (ext.getDirectReference() != null) {
            buf.append(tab + "Direct Reference: " + ext.getDirectReference().getId() + nl);
        }
        if (ext.getIndirectReference() != null) {
            buf.append(tab + "Indirect Reference: " + ext.getIndirectReference().toString() + nl);
        }
        if (ext.getDataValueDescriptor() != null) {
            _dumpAsString(tab, verbose, ext.getDataValueDescriptor(), buf);
        }
        buf.append(tab + "Encoding: " + ext.getEncoding() + nl);
        _dumpAsString(tab, verbose, ext.getExternalContent(), buf);
    } else {
        buf.append(indent + obj.toString() + nl);
    }
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERApplicationSpecific(org.bouncycastle.asn1.DERApplicationSpecific) DERBitString(org.bouncycastle.asn1.DERBitString) BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERT61String(org.bouncycastle.asn1.DERT61String) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERVisibleString(org.bouncycastle.asn1.DERVisibleString) DERSet(org.bouncycastle.asn1.DERSet) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERInteger(org.bouncycastle.asn1.DERInteger) DERSequence(org.bouncycastle.asn1.DERSequence) DERObject(org.bouncycastle.asn1.DERObject) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERGeneralizedTime(org.bouncycastle.asn1.DERGeneralizedTime) DERConstructedSet(org.bouncycastle.asn1.DERConstructedSet) DERUTCTime(org.bouncycastle.asn1.DERUTCTime) DERNull(org.bouncycastle.asn1.DERNull) DERExternal(org.bouncycastle.asn1.DERExternal) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERVisibleString(org.bouncycastle.asn1.DERVisibleString) BERTaggedObject(org.bouncycastle.asn1.BERTaggedObject) BERApplicationSpecific(org.bouncycastle.asn1.BERApplicationSpecific) BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString) DERBoolean(org.bouncycastle.asn1.DERBoolean) BERSet(org.bouncycastle.asn1.BERSet) Enumeration(java.util.Enumeration) DERBMPString(org.bouncycastle.asn1.DERBMPString) BERConstructedSequence(org.bouncycastle.asn1.BERConstructedSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) BERSequence(org.bouncycastle.asn1.BERSequence) DERBitString(org.bouncycastle.asn1.DERBitString) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) DERUnknownTag(org.bouncycastle.asn1.DERUnknownTag) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DEREnumerated(org.bouncycastle.asn1.DEREnumerated) ASN1Set(org.bouncycastle.asn1.ASN1Set) DERT61String(org.bouncycastle.asn1.DERT61String) DEREncodable(org.bouncycastle.asn1.DEREncodable) DERObject(org.bouncycastle.asn1.DERObject) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) BERTaggedObject(org.bouncycastle.asn1.BERTaggedObject) DERConstructedSequence(org.bouncycastle.asn1.DERConstructedSequence)

Example 10 with DERBMPString

use of com.github.zhenwei.core.asn1.DERBMPString in project LinLong-Java by zhenwei1108.

the class PKCS12KeyStoreSpi method doStore.

private void doStore(OutputStream stream, char[] password, boolean useDEREncoding) throws IOException {
    if (keys.size() == 0) {
        if (password == null) {
            Enumeration cs = certs.keys();
            ASN1EncodableVector certSeq = new ASN1EncodableVector();
            while (cs.hasMoreElements()) {
                try {
                    String certId = (String) cs.nextElement();
                    Certificate cert = (Certificate) certs.get(certId);
                    SafeBag sBag = createSafeBag(certId, cert);
                    certSeq.add(sBag);
                } catch (CertificateEncodingException e) {
                    throw new IOException("Error encoding certificate: " + e.toString());
                }
            }
            if (useDEREncoding) {
                ContentInfo bagInfo = new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(new DERSequence(certSeq).getEncoded()));
                Pfx pfx = new Pfx(new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(new DERSequence(bagInfo).getEncoded())), null);
                pfx.encodeTo(stream, ASN1Encoding.DER);
            } else {
                ContentInfo bagInfo = new ContentInfo(PKCSObjectIdentifiers.data, new BEROctetString(new BERSequence(certSeq).getEncoded()));
                Pfx pfx = new Pfx(new ContentInfo(PKCSObjectIdentifiers.data, new BEROctetString(new BERSequence(bagInfo).getEncoded())), null);
                pfx.encodeTo(stream, ASN1Encoding.BER);
            }
            return;
        }
    } else {
        if (password == null) {
            throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
        }
    }
    // 
    // handle the key
    // 
    ASN1EncodableVector keyS = new ASN1EncodableVector();
    Enumeration ks = keys.keys();
    while (ks.hasMoreElements()) {
        byte[] kSalt = new byte[SALT_SIZE];
        random.nextBytes(kSalt);
        String name = (String) ks.nextElement();
        PrivateKey privKey = (PrivateKey) keys.get(name);
        PKCS12PBEParams kParams = new PKCS12PBEParams(kSalt, MIN_ITERATIONS);
        byte[] kBytes = wrapKey(keyAlgorithm.getId(), privKey, kParams, password);
        AlgorithmIdentifier kAlgId = new AlgorithmIdentifier(keyAlgorithm, kParams.toASN1Primitive());
        com.github.zhenwei.core.asn1.pkcs.EncryptedPrivateKeyInfo kInfo = new com.github.zhenwei.core.asn1.pkcs.EncryptedPrivateKeyInfo(kAlgId, kBytes);
        boolean attrSet = false;
        ASN1EncodableVector kName = new ASN1EncodableVector();
        if (privKey instanceof PKCS12BagAttributeCarrier) {
            PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) privKey;
            // 
            // make sure we are using the local alias on store
            // 
            ASN1BMPString nm = (ASN1BMPString) bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
            if (nm == null || !nm.getString().equals(name)) {
                bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));
            }
            // 
            if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null) {
                Certificate ct = engineGetCertificate(name);
                bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(ct.getPublicKey()));
            }
            Enumeration e = bagAttrs.getBagAttributeKeys();
            while (e.hasMoreElements()) {
                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
                ASN1EncodableVector kSeq = new ASN1EncodableVector();
                kSeq.add(oid);
                kSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
                attrSet = true;
                kName.add(new DERSequence(kSeq));
            }
        }
        if (!attrSet) {
            // 
            // set a default friendly name (from the key id) and local id
            // 
            ASN1EncodableVector kSeq = new ASN1EncodableVector();
            Certificate ct = engineGetCertificate(name);
            kSeq.add(pkcs_9_at_localKeyId);
            kSeq.add(new DERSet(createSubjectKeyId(ct.getPublicKey())));
            kName.add(new DERSequence(kSeq));
            kSeq = new ASN1EncodableVector();
            kSeq.add(pkcs_9_at_friendlyName);
            kSeq.add(new DERSet(new DERBMPString(name)));
            kName.add(new DERSequence(kSeq));
        }
        SafeBag kBag = new SafeBag(pkcs8ShroudedKeyBag, kInfo.toASN1Primitive(), new DERSet(kName));
        keyS.add(kBag);
    }
    byte[] keySEncoded = new DERSequence(keyS).getEncoded(ASN1Encoding.DER);
    BEROctetString keyString = new BEROctetString(keySEncoded);
    // 
    // certificate processing
    // 
    byte[] cSalt = new byte[SALT_SIZE];
    random.nextBytes(cSalt);
    ASN1EncodableVector certSeq = new ASN1EncodableVector();
    PKCS12PBEParams cParams = new PKCS12PBEParams(cSalt, MIN_ITERATIONS);
    AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.toASN1Primitive());
    Hashtable doneCerts = new Hashtable();
    Enumeration cs = keys.keys();
    while (cs.hasMoreElements()) {
        try {
            String name = (String) cs.nextElement();
            Certificate cert = engineGetCertificate(name);
            boolean cAttrSet = false;
            CertBag cBag = new CertBag(x509Certificate, new DEROctetString(cert.getEncoded()));
            ASN1EncodableVector fName = new ASN1EncodableVector();
            if (cert instanceof PKCS12BagAttributeCarrier) {
                PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) cert;
                // 
                // make sure we are using the local alias on store
                // 
                ASN1BMPString nm = (ASN1BMPString) bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
                if (nm == null || !nm.getString().equals(name)) {
                    bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));
                }
                // 
                if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null) {
                    bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(cert.getPublicKey()));
                }
                Enumeration e = bagAttrs.getBagAttributeKeys();
                while (e.hasMoreElements()) {
                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
                    ASN1EncodableVector fSeq = new ASN1EncodableVector();
                    fSeq.add(oid);
                    fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
                    fName.add(new DERSequence(fSeq));
                    cAttrSet = true;
                }
            }
            if (!cAttrSet) {
                ASN1EncodableVector fSeq = new ASN1EncodableVector();
                fSeq.add(pkcs_9_at_localKeyId);
                fSeq.add(new DERSet(createSubjectKeyId(cert.getPublicKey())));
                fName.add(new DERSequence(fSeq));
                fSeq = new ASN1EncodableVector();
                fSeq.add(pkcs_9_at_friendlyName);
                fSeq.add(new DERSet(new DERBMPString(name)));
                fName.add(new DERSequence(fSeq));
            }
            SafeBag sBag = new SafeBag(certBag, cBag.toASN1Primitive(), new DERSet(fName));
            certSeq.add(sBag);
            doneCerts.put(cert, cert);
        } catch (CertificateEncodingException e) {
            throw new IOException("Error encoding certificate: " + e.toString());
        }
    }
    cs = certs.keys();
    while (cs.hasMoreElements()) {
        try {
            String certId = (String) cs.nextElement();
            Certificate cert = (Certificate) certs.get(certId);
            if (keys.get(certId) != null) {
                continue;
            }
            SafeBag sBag = createSafeBag(certId, cert);
            certSeq.add(sBag);
            doneCerts.put(cert, cert);
        } catch (CertificateEncodingException e) {
            throw new IOException("Error encoding certificate: " + e.toString());
        }
    }
    Set usedSet = getUsedCertificateSet();
    cs = chainCerts.keys();
    while (cs.hasMoreElements()) {
        try {
            CertId certId = (CertId) cs.nextElement();
            Certificate cert = (Certificate) chainCerts.get(certId);
            if (!usedSet.contains(cert)) {
                continue;
            }
            if (doneCerts.get(cert) != null) {
                continue;
            }
            CertBag cBag = new CertBag(x509Certificate, new DEROctetString(cert.getEncoded()));
            ASN1EncodableVector fName = new ASN1EncodableVector();
            if (cert instanceof PKCS12BagAttributeCarrier) {
                PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) cert;
                Enumeration e = bagAttrs.getBagAttributeKeys();
                while (e.hasMoreElements()) {
                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
                    // If we find one, we'll prune it out.
                    if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)) {
                        continue;
                    }
                    ASN1EncodableVector fSeq = new ASN1EncodableVector();
                    fSeq.add(oid);
                    fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
                    fName.add(new DERSequence(fSeq));
                }
            }
            SafeBag sBag = new SafeBag(certBag, cBag.toASN1Primitive(), new DERSet(fName));
            certSeq.add(sBag);
        } catch (CertificateEncodingException e) {
            throw new IOException("Error encoding certificate: " + e.toString());
        }
    }
    byte[] certSeqEncoded = new DERSequence(certSeq).getEncoded(ASN1Encoding.DER);
    byte[] certBytes = cryptData(true, cAlgId, password, false, certSeqEncoded);
    EncryptedData cInfo = new EncryptedData(data, cAlgId, new BEROctetString(certBytes));
    ContentInfo[] info = new ContentInfo[] { new ContentInfo(data, keyString), new ContentInfo(encryptedData, cInfo.toASN1Primitive()) };
    AuthenticatedSafe auth = new AuthenticatedSafe(info);
    byte[] pkg = auth.getEncoded(useDEREncoding ? ASN1Encoding.DER : ASN1Encoding.BER);
    ContentInfo mainInfo = new ContentInfo(data, new BEROctetString(pkg));
    // 
    // create the mac
    // 
    byte[] mSalt = new byte[saltLength];
    random.nextBytes(mSalt);
    byte[] data = ((ASN1OctetString) mainInfo.getContent()).getOctets();
    MacData mData;
    try {
        byte[] res = calculatePbeMac(macAlgorithm.getAlgorithm(), mSalt, itCount, password, false, data);
        DigestInfo dInfo = new DigestInfo(macAlgorithm, res);
        mData = new MacData(dInfo, mSalt, itCount);
    } catch (Exception e) {
        throw new IOException("error constructing MAC: " + e.toString());
    }
    // 
    // output the Pfx
    // 
    Pfx pfx = new Pfx(mainInfo, mData);
    pfx.encodeTo(stream, useDEREncoding ? ASN1Encoding.DER : ASN1Encoding.BER);
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) PrivateKey(java.security.PrivateKey) Set(java.util.Set) DERSet(com.github.zhenwei.core.asn1.DERSet) ASN1Set(com.github.zhenwei.core.asn1.ASN1Set) HashSet(java.util.HashSet) ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString) AuthenticatedSafe(com.github.zhenwei.core.asn1.pkcs.AuthenticatedSafe) BEROctetString(com.github.zhenwei.core.asn1.BEROctetString) DERBMPString(com.github.zhenwei.core.asn1.DERBMPString) ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString) ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) DERSet(com.github.zhenwei.core.asn1.DERSet) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) PKCS12BagAttributeCarrier(com.github.zhenwei.provider.jce.interfaces.PKCS12BagAttributeCarrier) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) DERSequence(com.github.zhenwei.core.asn1.DERSequence) BEROctetString(com.github.zhenwei.core.asn1.BEROctetString) ContentInfo(com.github.zhenwei.core.asn1.pkcs.ContentInfo) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) EncryptedData(com.github.zhenwei.core.asn1.pkcs.EncryptedData) MacData(com.github.zhenwei.core.asn1.pkcs.MacData) Enumeration(java.util.Enumeration) Pfx(com.github.zhenwei.core.asn1.pkcs.Pfx) DERBMPString(com.github.zhenwei.core.asn1.DERBMPString) Hashtable(java.util.Hashtable) BERSequence(com.github.zhenwei.core.asn1.BERSequence) CertificateEncodingException(java.security.cert.CertificateEncodingException) IOException(java.io.IOException) SafeBag(com.github.zhenwei.core.asn1.pkcs.SafeBag) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CertificateEncodingException(java.security.cert.CertificateEncodingException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) IOException(java.io.IOException) EOFException(java.io.EOFException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) CertificateException(java.security.cert.CertificateException) NoSuchProviderException(java.security.NoSuchProviderException) CertBag(com.github.zhenwei.core.asn1.pkcs.CertBag) PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams) DigestInfo(com.github.zhenwei.core.asn1.x509.DigestInfo) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Aggregations

DERBMPString (org.bouncycastle.asn1.DERBMPString)12 Enumeration (java.util.Enumeration)9 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)8 DEROctetString (org.bouncycastle.asn1.DEROctetString)7 IOException (java.io.IOException)6 KeyStoreException (java.security.KeyStoreException)5 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 PrivateKey (java.security.PrivateKey)5 UnrecoverableKeyException (java.security.UnrecoverableKeyException)5 Certificate (java.security.cert.Certificate)5 CertificateEncodingException (java.security.cert.CertificateEncodingException)5 CertificateException (java.security.cert.CertificateException)5 X509Certificate (java.security.cert.X509Certificate)5 Hashtable (java.util.Hashtable)5 BERConstructedOctetString (org.bouncycastle.asn1.BERConstructedOctetString)5 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)4 DERSequence (org.bouncycastle.asn1.DERSequence)4 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)4 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)3 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)3