Search in sources :

Example 11 with DLSequence

use of com.github.zhenwei.core.asn1.DLSequence in project transparenzsoftware by SAFE-eV.

the class PcdfVerificationParser method checkSignAndPublicKeyByte.

private boolean checkSignAndPublicKeyByte(String data, String sign, byte[] pke) {
    try {
        int lns = sign.length();
        byte[] se = new byte[lns / 2];
        for (int i = 0; i < lns / 2; i++) {
            String val = sign.substring(i * 2, i * 2 + 2);
            se[i] = (byte) Integer.parseInt(val, 16);
        }
        byte[] x = new byte[32];
        byte[] y = new byte[32];
        System.arraycopy(pke, 1, x, 0, 32);
        System.arraycopy(pke, 33, y, 0, 32);
        try {
            X9ECParameters params = SECNamedCurves.getByName("secp256r1");
            ECDomainParameters ecParams = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH());
            ECPublicKeyParameters pubKeyParams = new ECPublicKeyParameters(ecParams.getCurve().decodePoint(pke), ecParams);
            ASN1InputStream asn1 = new ASN1InputStream(se);
            ECDSASigner signer2 = new ECDSASigner();
            // not for signing...
            signer2.init(false, pubKeyParams);
            DLSequence seq = (DLSequence) asn1.readObject();
            BigInteger r = ((ASN1Integer) seq.getObjectAt(0)).getPositiveValue();
            BigInteger s = ((ASN1Integer) seq.getObjectAt(1)).getPositiveValue();
            MessageDigest digest = MessageDigest.getInstance("SHA-256");
            byte[] hash = digest.digest(data.getBytes(StandardCharsets.UTF_8));
            boolean result = signer2.verifySignature(hash, r.abs(), s.abs());
            VerificationLogger.log("PCDF", "secp256r1", pke, hash, se, result);
            return result;
        } catch (NoSuchAlgorithmException e) {
        // getLogger().error(e.getClass().getSimpleName() + " occurred when trying to get public key from raw bytes", e);
        // return null;
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return false;
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) ECDomainParameters(org.bouncycastle.crypto.params.ECDomainParameters) ECDSASigner(org.bouncycastle.crypto.signers.ECDSASigner) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ECPublicKeyParameters(org.bouncycastle.crypto.params.ECPublicKeyParameters) ECPoint(java.security.spec.ECPoint) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidParameterSpecException(java.security.spec.InvalidParameterSpecException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) DLSequence(org.bouncycastle.asn1.DLSequence) BigInteger(java.math.BigInteger) MessageDigest(java.security.MessageDigest)

Example 12 with DLSequence

use of com.github.zhenwei.core.asn1.DLSequence in project keystore-explorer by kaikramer.

the class X509Ext method getQcStatementsStringValue.

private static String getQcStatementsStringValue(byte[] octets) throws IOException {
    // @formatter:off
    /*
			QCStatements ::= SEQUENCE OF QSStatement
		    QSStatement ::= SEQUENCE
		    {
		        statementId OBJECT IDENTIFIER,
		        statementInfo ANY DEFINED BY statementId OPTIONAL
		    }
		    QcEuLimitValue ::= MonetaryValue
			QcRetentionPeriod ::= INTEGER
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    int qcStatementNr = 0;
    ASN1Sequence qcStatements = ASN1Sequence.getInstance(octets);
    for (ASN1Encodable asn1Encodable : qcStatements.toArray()) {
        QCStatement qcStatement = QCStatement.getInstance(asn1Encodable);
        ASN1ObjectIdentifier statementId = qcStatement.getStatementId();
        ASN1Encodable statementInfo = qcStatement.getStatementInfo();
        int indentLevel = 1;
        sb.append(MessageFormat.format(res.getString("QCStatement.QCStatement"), ++qcStatementNr));
        sb.append(NEWLINE);
        QcStatementType qcStatementType = QcStatementType.resolveOid(statementId.getId());
        switch(qcStatementType) {
            case QC_SYNTAX_V1:
            case QC_SYNTAX_V2:
                SemanticsInformation semanticsInfo = SemanticsInformation.getInstance(statementInfo);
                sb.append(getSemanticInformationValueString(qcStatementType, semanticsInfo, indentLevel));
                break;
            case QC_COMPLIANCE:
                // no statementInfo
                sb.append(INDENT.toString(indentLevel));
                sb.append(res.getString(QcStatementType.QC_COMPLIANCE.getResKey()));
                sb.append(NEWLINE);
                break;
            case QC_EU_LIMIT_VALUE:
                sb.append(INDENT.toString(indentLevel));
                sb.append(res.getString(QcStatementType.QC_EU_LIMIT_VALUE.getResKey()));
                sb.append(NEWLINE);
                sb.append(getMonetaryValueStringValue(statementInfo, indentLevel + 1));
                break;
            case QC_RETENTION_PERIOD:
                ASN1Integer asn1Integer = ASN1Integer.getInstance(statementInfo);
                sb.append(INDENT.toString(indentLevel));
                sb.append(MessageFormat.format(res.getString(QcStatementType.QC_RETENTION_PERIOD.getResKey()), asn1Integer.getValue().toString()));
                sb.append(NEWLINE);
                break;
            case QC_SSCD:
                // no statementInfo
                sb.append(INDENT.toString(indentLevel));
                sb.append(res.getString(QcStatementType.QC_SSCD.getResKey()));
                sb.append(NEWLINE);
                break;
            case QC_PDS:
                ASN1Sequence pdsLocations = ASN1Sequence.getInstance(statementInfo);
                sb.append(INDENT.toString(indentLevel));
                sb.append(res.getString(QcStatementType.QC_PDS.getResKey()));
                for (ASN1Encodable pdsLoc : pdsLocations) {
                    sb.append(NEWLINE);
                    sb.append(INDENT.toString(indentLevel + 1));
                    DLSequence pds = (DLSequence) pdsLoc;
                    sb.append(MessageFormat.format(res.getString("QCPDS.locations"), pds.getObjectAt(1), pds.getObjectAt(0)));
                }
                sb.append(NEWLINE);
                break;
            case QC_TYPE:
                sb.append(INDENT.toString(indentLevel));
                sb.append(res.getString(QcStatementType.QC_TYPE.getResKey()));
                ASN1Sequence qcTypes = ASN1Sequence.getInstance(statementInfo);
                for (ASN1Encodable type : qcTypes) {
                    sb.append(NEWLINE);
                    sb.append(INDENT.toString(indentLevel + 1));
                    sb.append(ObjectIdUtil.toString((ASN1ObjectIdentifier) type));
                }
                sb.append(NEWLINE);
                break;
            default:
                // unknown statement type
                sb.append(INDENT.toString(indentLevel));
                sb.append(ObjectIdUtil.toString(statementId));
                if (statementInfo != null) {
                    sb.append(statementInfo.toString());
                }
                sb.append(NEWLINE);
        }
    }
    return sb.toString();
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) QCStatement(org.bouncycastle.asn1.x509.qualified.QCStatement) DLSequence(org.bouncycastle.asn1.DLSequence) SemanticsInformation(org.bouncycastle.asn1.x509.qualified.SemanticsInformation) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 13 with DLSequence

use of com.github.zhenwei.core.asn1.DLSequence in project jmulticard by ctt-gob-es.

the class ContentInfo method toASN1Primitive.

/**
 * Produce an object suitable for an ASN1OutputStream.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector(2);
    v.add(contentType);
    if (content != null) {
        if (isDefiniteLength) {
            v.add(new DLTaggedObject(0, content));
        } else {
            v.add(new BERTaggedObject(0, content));
        }
    }
    return isDefiniteLength ? (ASN1Primitive) new DLSequence(v) : (ASN1Primitive) new BERSequence(v);
}
Also used : DLTaggedObject(org.bouncycastle.asn1.DLTaggedObject) DLSequence(org.bouncycastle.asn1.DLSequence) BERSequence(org.bouncycastle.asn1.BERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) BERTaggedObject(org.bouncycastle.asn1.BERTaggedObject)

Example 14 with DLSequence

use of com.github.zhenwei.core.asn1.DLSequence in project signer by demoiselle.

the class BasicCertificate method getAuthorityKeyIdentifier.

/**
 * *
 *
 * @return the authority key identifier of a certificate
 */
public String getAuthorityKeyIdentifier() {
    // TODO - Precisa validar este metodo com a RFC
    try {
        DLSequence sequence = (DLSequence) getExtensionValue(Extension.authorityKeyIdentifier.getId());
        if (sequence == null || sequence.size() == 0) {
            return null;
        }
        DERTaggedObject taggedObject = (DERTaggedObject) sequence.getObjectAt(0);
        DEROctetString oct = (DEROctetString) taggedObject.getObject();
        return toString(oct.getOctets());
    } catch (Exception error) {
        logger.error(error.getMessage());
        return null;
    }
}
Also used : DLSequence(org.bouncycastle.asn1.DLSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DEROctetString(org.bouncycastle.asn1.DEROctetString) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 15 with DLSequence

use of com.github.zhenwei.core.asn1.DLSequence in project signer by demoiselle.

the class BasicCertificate method getCertificateLevel.

/**
 * returns the ICP-BRASIL Certificate Level(A1, A2, A3, A4, S1, S2, S3,
 * S4).<br>
 * DOC-ICP-04 Returns the <b>null</b> value if the CertificatePolicies is
 * NOT present.
 *
 * @return String Certificate level
 */
public String getCertificateLevel() {
    try {
        DLSequence sequence = (DLSequence) getExtensionValue(Extension.certificatePolicies.getId());
        if (sequence != null) {
            for (int pos = 0; pos < sequence.size(); pos++) {
                DLSequence sequence2 = (DLSequence) sequence.getObjectAt(pos);
                ASN1ObjectIdentifier policyIdentifier = (ASN1ObjectIdentifier) sequence2.getObjectAt(0);
                PolicyInformation policyInformation = new PolicyInformation(policyIdentifier);
                String id = policyInformation.getPolicyIdentifier().getId();
                if (id == null) {
                    continue;
                }
                if (id.startsWith(OID_A1_CERTIFICATE)) {
                    return "A1";
                }
                if (id.startsWith(OID_A2_CERTIFICATE)) {
                    return "A2";
                }
                if (id.startsWith(OID_A3_CERTIFICATE)) {
                    return "A3";
                }
                if (id.startsWith(OID_A4_CERTIFICATE)) {
                    return "A4";
                }
                if (id.startsWith(OID_S1_CERTIFICATE)) {
                    return "S1";
                }
                if (id.startsWith(OID_S2_CERTIFICATE)) {
                    return "S2";
                }
                if (id.startsWith(OID_S3_CERTIFICATE)) {
                    return "S3";
                }
                if (id.startsWith(OID_S4_CERTIFICATE)) {
                    return "S4";
                }
            }
        }
        return null;
    } catch (Exception e) {
        logger.error(e.getMessage());
        return null;
    }
}
Also used : DLSequence(org.bouncycastle.asn1.DLSequence) PolicyInformation(org.bouncycastle.asn1.x509.PolicyInformation) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Aggregations

DLSequence (org.bouncycastle.asn1.DLSequence)59 IOException (java.io.IOException)27 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)21 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)21 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)18 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)18 DEROctetString (org.bouncycastle.asn1.DEROctetString)13 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)12 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)12 BigInteger (java.math.BigInteger)9 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)9 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)8 DERIA5String (org.bouncycastle.asn1.DERIA5String)8 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)7 DLSequence (com.github.zhenwei.core.asn1.DLSequence)6 Pair (android.util.Pair)5 CertificateEncodingException (java.security.cert.CertificateEncodingException)5 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)4 ASN1OutputStream (org.bouncycastle.asn1.ASN1OutputStream)4 Extension (org.bouncycastle.asn1.x509.Extension)4