Examples with DEROctetString com.github.zhenwei.core.asn1.DEROctetString used on opensource projects
Example 46 with DEROctetString
use of com.github.zhenwei.core.asn1.DEROctetString in project LinLong-Java by zhenwei1108.
the class ESSCertIDv2 method toASN1Primitive.
/**
* <pre>
* ESSCertIDv2 ::= SEQUENCE {
* hashAlgorithm AlgorithmIdentifier
* DEFAULT {algorithm id-sha256},
* certHash Hash,
* issuerSerial IssuerSerial OPTIONAL
* }
*
* Hash ::= OCTET STRING
*
* IssuerSerial ::= SEQUENCE {
* issuer GeneralNames,
* serialNumber CertificateSerialNumber
* }
* </pre>
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector(3);
if (!hashAlgorithm.equals(DEFAULT_ALG_ID)) {
v.add(hashAlgorithm);
}
v.add(new DEROctetString(certHash).toASN1Primitive());
if (issuerSerial != null) {
v.add(issuerSerial);
}
return new DERSequence(v);
}
Also used :
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
Example 47 with DEROctetString
use of com.github.zhenwei.core.asn1.DEROctetString in project LinLong-Java by zhenwei1108.
the class ECDSAPublicKey method getASN1EncodableVector.
public ASN1EncodableVector getASN1EncodableVector(ASN1ObjectIdentifier oid, boolean publicPointOnly) {
ASN1EncodableVector v = new ASN1EncodableVector(8);
v.add(oid);
if (!publicPointOnly) {
v.add(new UnsignedInteger(0x01, getPrimeModulusP()));
v.add(new UnsignedInteger(0x02, getFirstCoefA()));
v.add(new UnsignedInteger(0x03, getSecondCoefB()));
v.add(new DERTaggedObject(false, 0x04, new DEROctetString(getBasePointG())));
v.add(new UnsignedInteger(0x05, getOrderOfBasePointR()));
}
v.add(new DERTaggedObject(false, 0x06, new DEROctetString(getPublicPointY())));
if (!publicPointOnly) {
v.add(new UnsignedInteger(0x07, getCofactorF()));
}
return v;
}
Also used :
DERTaggedObject(com.github.zhenwei.core.asn1.DERTaggedObject)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
Example 48 with DEROctetString
use of com.github.zhenwei.core.asn1.DEROctetString in project LinLong-Java by zhenwei1108.
the class PKCS12KeyStoreSpi method doStore.
private void doStore(OutputStream stream, char[] password, boolean useDEREncoding) throws IOException {
if (keys.size() == 0) {
if (password == null) {
Enumeration cs = certs.keys();
ASN1EncodableVector certSeq = new ASN1EncodableVector();
while (cs.hasMoreElements()) {
try {
String certId = (String) cs.nextElement();
Certificate cert = (Certificate) certs.get(certId);
SafeBag sBag = createSafeBag(certId, cert);
certSeq.add(sBag);
} catch (CertificateEncodingException e) {
throw new IOException("Error encoding certificate: " + e.toString());
}
}
if (useDEREncoding) {
ContentInfo bagInfo = new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(new DERSequence(certSeq).getEncoded()));
Pfx pfx = new Pfx(new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(new DERSequence(bagInfo).getEncoded())), null);
pfx.encodeTo(stream, ASN1Encoding.DER);
} else {
ContentInfo bagInfo = new ContentInfo(PKCSObjectIdentifiers.data, new BEROctetString(new BERSequence(certSeq).getEncoded()));
Pfx pfx = new Pfx(new ContentInfo(PKCSObjectIdentifiers.data, new BEROctetString(new BERSequence(bagInfo).getEncoded())), null);
pfx.encodeTo(stream, ASN1Encoding.BER);
}
return;
}
} else {
if (password == null) {
throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
}
}
//
// handle the key
//
ASN1EncodableVector keyS = new ASN1EncodableVector();
Enumeration ks = keys.keys();
while (ks.hasMoreElements()) {
byte[] kSalt = new byte[SALT_SIZE];
random.nextBytes(kSalt);
String name = (String) ks.nextElement();
PrivateKey privKey = (PrivateKey) keys.get(name);
PKCS12PBEParams kParams = new PKCS12PBEParams(kSalt, MIN_ITERATIONS);
byte[] kBytes = wrapKey(keyAlgorithm.getId(), privKey, kParams, password);
AlgorithmIdentifier kAlgId = new AlgorithmIdentifier(keyAlgorithm, kParams.toASN1Primitive());
com.github.zhenwei.core.asn1.pkcs.EncryptedPrivateKeyInfo kInfo = new com.github.zhenwei.core.asn1.pkcs.EncryptedPrivateKeyInfo(kAlgId, kBytes);
boolean attrSet = false;
ASN1EncodableVector kName = new ASN1EncodableVector();
if (privKey instanceof PKCS12BagAttributeCarrier) {
PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) privKey;
//
// make sure we are using the local alias on store
//
ASN1BMPString nm = (ASN1BMPString) bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
if (nm == null || !nm.getString().equals(name)) {
bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));
}
//
if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null) {
Certificate ct = engineGetCertificate(name);
bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(ct.getPublicKey()));
}
Enumeration e = bagAttrs.getBagAttributeKeys();
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
ASN1EncodableVector kSeq = new ASN1EncodableVector();
kSeq.add(oid);
kSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
attrSet = true;
kName.add(new DERSequence(kSeq));
}
}
if (!attrSet) {
//
// set a default friendly name (from the key id) and local id
//
ASN1EncodableVector kSeq = new ASN1EncodableVector();
Certificate ct = engineGetCertificate(name);
kSeq.add(pkcs_9_at_localKeyId);
kSeq.add(new DERSet(createSubjectKeyId(ct.getPublicKey())));
kName.add(new DERSequence(kSeq));
kSeq = new ASN1EncodableVector();
kSeq.add(pkcs_9_at_friendlyName);
kSeq.add(new DERSet(new DERBMPString(name)));
kName.add(new DERSequence(kSeq));
}
SafeBag kBag = new SafeBag(pkcs8ShroudedKeyBag, kInfo.toASN1Primitive(), new DERSet(kName));
keyS.add(kBag);
}
byte[] keySEncoded = new DERSequence(keyS).getEncoded(ASN1Encoding.DER);
BEROctetString keyString = new BEROctetString(keySEncoded);
//
// certificate processing
//
byte[] cSalt = new byte[SALT_SIZE];
random.nextBytes(cSalt);
ASN1EncodableVector certSeq = new ASN1EncodableVector();
PKCS12PBEParams cParams = new PKCS12PBEParams(cSalt, MIN_ITERATIONS);
AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.toASN1Primitive());
Hashtable doneCerts = new Hashtable();
Enumeration cs = keys.keys();
while (cs.hasMoreElements()) {
try {
String name = (String) cs.nextElement();
Certificate cert = engineGetCertificate(name);
boolean cAttrSet = false;
CertBag cBag = new CertBag(x509Certificate, new DEROctetString(cert.getEncoded()));
ASN1EncodableVector fName = new ASN1EncodableVector();
if (cert instanceof PKCS12BagAttributeCarrier) {
PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) cert;
//
// make sure we are using the local alias on store
//
ASN1BMPString nm = (ASN1BMPString) bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
if (nm == null || !nm.getString().equals(name)) {
bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));
}
//
if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null) {
bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(cert.getPublicKey()));
}
Enumeration e = bagAttrs.getBagAttributeKeys();
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(oid);
fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
fName.add(new DERSequence(fSeq));
cAttrSet = true;
}
}
if (!cAttrSet) {
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(pkcs_9_at_localKeyId);
fSeq.add(new DERSet(createSubjectKeyId(cert.getPublicKey())));
fName.add(new DERSequence(fSeq));
fSeq = new ASN1EncodableVector();
fSeq.add(pkcs_9_at_friendlyName);
fSeq.add(new DERSet(new DERBMPString(name)));
fName.add(new DERSequence(fSeq));
}
SafeBag sBag = new SafeBag(certBag, cBag.toASN1Primitive(), new DERSet(fName));
certSeq.add(sBag);
doneCerts.put(cert, cert);
} catch (CertificateEncodingException e) {
throw new IOException("Error encoding certificate: " + e.toString());
}
}
cs = certs.keys();
while (cs.hasMoreElements()) {
try {
String certId = (String) cs.nextElement();
Certificate cert = (Certificate) certs.get(certId);
if (keys.get(certId) != null) {
continue;
}
SafeBag sBag = createSafeBag(certId, cert);
certSeq.add(sBag);
doneCerts.put(cert, cert);
} catch (CertificateEncodingException e) {
throw new IOException("Error encoding certificate: " + e.toString());
}
}
Set usedSet = getUsedCertificateSet();
cs = chainCerts.keys();
while (cs.hasMoreElements()) {
try {
CertId certId = (CertId) cs.nextElement();
Certificate cert = (Certificate) chainCerts.get(certId);
if (!usedSet.contains(cert)) {
continue;
}
if (doneCerts.get(cert) != null) {
continue;
}
CertBag cBag = new CertBag(x509Certificate, new DEROctetString(cert.getEncoded()));
ASN1EncodableVector fName = new ASN1EncodableVector();
if (cert instanceof PKCS12BagAttributeCarrier) {
PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) cert;
Enumeration e = bagAttrs.getBagAttributeKeys();
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
// If we find one, we'll prune it out.
if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)) {
continue;
}
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(oid);
fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
fName.add(new DERSequence(fSeq));
}
}
SafeBag sBag = new SafeBag(certBag, cBag.toASN1Primitive(), new DERSet(fName));
certSeq.add(sBag);
} catch (CertificateEncodingException e) {
throw new IOException("Error encoding certificate: " + e.toString());
}
}
byte[] certSeqEncoded = new DERSequence(certSeq).getEncoded(ASN1Encoding.DER);
byte[] certBytes = cryptData(true, cAlgId, password, false, certSeqEncoded);
EncryptedData cInfo = new EncryptedData(data, cAlgId, new BEROctetString(certBytes));
ContentInfo[] info = new ContentInfo[] { new ContentInfo(data, keyString), new ContentInfo(encryptedData, cInfo.toASN1Primitive()) };
AuthenticatedSafe auth = new AuthenticatedSafe(info);
byte[] pkg = auth.getEncoded(useDEREncoding ? ASN1Encoding.DER : ASN1Encoding.BER);
ContentInfo mainInfo = new ContentInfo(data, new BEROctetString(pkg));
//
// create the mac
//
byte[] mSalt = new byte[saltLength];
random.nextBytes(mSalt);
byte[] data = ((ASN1OctetString) mainInfo.getContent()).getOctets();
MacData mData;
try {
byte[] res = calculatePbeMac(macAlgorithm.getAlgorithm(), mSalt, itCount, password, false, data);
DigestInfo dInfo = new DigestInfo(macAlgorithm, res);
mData = new MacData(dInfo, mSalt, itCount);
} catch (Exception e) {
throw new IOException("error constructing MAC: " + e.toString());
}
//
// output the Pfx
//
Pfx pfx = new Pfx(mainInfo, mData);
pfx.encodeTo(stream, useDEREncoding ? ASN1Encoding.DER : ASN1Encoding.BER);
}
Also used :
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
PrivateKey(java.security.PrivateKey)
Set(java.util.Set)
DERSet(com.github.zhenwei.core.asn1.DERSet)
ASN1Set(com.github.zhenwei.core.asn1.ASN1Set)
HashSet(java.util.HashSet)
ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString)
AuthenticatedSafe(com.github.zhenwei.core.asn1.pkcs.AuthenticatedSafe)
BEROctetString(com.github.zhenwei.core.asn1.BEROctetString)
DERBMPString(com.github.zhenwei.core.asn1.DERBMPString)
ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString)
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
DERSet(com.github.zhenwei.core.asn1.DERSet)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
PKCS12BagAttributeCarrier(com.github.zhenwei.provider.jce.interfaces.PKCS12BagAttributeCarrier)
AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
BEROctetString(com.github.zhenwei.core.asn1.BEROctetString)
ContentInfo(com.github.zhenwei.core.asn1.pkcs.ContentInfo)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
EncryptedData(com.github.zhenwei.core.asn1.pkcs.EncryptedData)
MacData(com.github.zhenwei.core.asn1.pkcs.MacData)
Enumeration(java.util.Enumeration)
Pfx(com.github.zhenwei.core.asn1.pkcs.Pfx)
DERBMPString(com.github.zhenwei.core.asn1.DERBMPString)
Hashtable(java.util.Hashtable)
BERSequence(com.github.zhenwei.core.asn1.BERSequence)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
IOException(java.io.IOException)
SafeBag(com.github.zhenwei.core.asn1.pkcs.SafeBag)
KeyStoreException(java.security.KeyStoreException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
IOException(java.io.IOException)
EOFException(java.io.EOFException)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
CertificateException(java.security.cert.CertificateException)
NoSuchProviderException(java.security.NoSuchProviderException)
CertBag(com.github.zhenwei.core.asn1.pkcs.CertBag)
PKCS12PBEParams(com.github.zhenwei.core.asn1.pkcs.PKCS12PBEParams)
DigestInfo(com.github.zhenwei.core.asn1.x509.DigestInfo)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Example 49 with DEROctetString
use of com.github.zhenwei.core.asn1.DEROctetString in project LinLong-Java by zhenwei1108.
the class PKCS12KeyStoreSpi method createSafeBag.
private SafeBag createSafeBag(String certId, Certificate cert) throws CertificateEncodingException {
CertBag cBag = new CertBag(x509Certificate, new DEROctetString(cert.getEncoded()));
ASN1EncodableVector fName = new ASN1EncodableVector();
boolean cAttrSet = false;
if (cert instanceof PKCS12BagAttributeCarrier) {
PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) cert;
//
// make sure we are using the local alias on store
//
ASN1BMPString nm = (ASN1BMPString) bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
if (nm == null || !nm.getString().equals(certId)) {
if (certId != null) {
bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(certId));
}
}
Enumeration e = bagAttrs.getBagAttributeKeys();
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
// If we find one, we'll prune it out.
if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)) {
continue;
}
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(oid);
fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
fName.add(new DERSequence(fSeq));
cAttrSet = true;
}
}
if (!cAttrSet) {
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(pkcs_9_at_friendlyName);
fSeq.add(new DERSet(new DERBMPString(certId)));
fName.add(new DERSequence(fSeq));
}
return new SafeBag(certBag, cBag.toASN1Primitive(), new DERSet(fName));
}
Also used :
CertBag(com.github.zhenwei.core.asn1.pkcs.CertBag)
DERBMPString(com.github.zhenwei.core.asn1.DERBMPString)
Enumeration(java.util.Enumeration)
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
ASN1BMPString(com.github.zhenwei.core.asn1.ASN1BMPString)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
SafeBag(com.github.zhenwei.core.asn1.pkcs.SafeBag)
DERSet(com.github.zhenwei.core.asn1.DERSet)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
PKCS12BagAttributeCarrier(com.github.zhenwei.provider.jce.interfaces.PKCS12BagAttributeCarrier)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
Example 50 with DEROctetString
use of com.github.zhenwei.core.asn1.DEROctetString in project LinLong-Java by zhenwei1108.
the class MacData method toASN1Primitive.
/**
* <pre>
* MacData ::= SEQUENCE {
* mac DigestInfo,
* macSalt OCTET STRING,
* iterations INTEGER DEFAULT 1
* -- Note: The default is for historic reasons and its use is deprecated. A
* -- higher value, like 1024 is recommended.
* </pre>
*
* @return the basic ASN1Primitive construction.
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector(3);
v.add(digInfo);
v.add(new DEROctetString(salt));
if (!iterationCount.equals(ONE)) {
v.add(new ASN1Integer(iterationCount));
}
return new DERSequence(v);
}
Also used :
DERSequence(com.github.zhenwei.core.asn1.DERSequence)
ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector)
ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
Aggregations
DEROctetString (org.bouncycastle.asn1.DEROctetString)139
IOException (java.io.IOException)104
DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)86
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)49
DERSequence (org.bouncycastle.asn1.DERSequence)48
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)46
DERSequence (com.github.zhenwei.core.asn1.DERSequence)44
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)39
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)32
BigInteger (java.math.BigInteger)27
Extension (org.bouncycastle.asn1.x509.Extension)27
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)26
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)26
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)24
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)23
DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)21
ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)20
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)19
Extensions (org.bouncycastle.asn1.x509.Extensions)19
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)18
