Examples with ObjectData com.github.zhenwei.core.asn1.bc.ObjectData used on opensource projects

Example 6 with ObjectData

use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.

the class BcFKSKeyStoreSpi method engineGetCertificateChain.

public Certificate[] engineGetCertificateChain(String alias) {
    ObjectData ent = (ObjectData) entries.get(alias);
    if (ent != null) {
        if (ent.getType().equals(PRIVATE_KEY) || ent.getType().equals(PROTECTED_PRIVATE_KEY)) {
            EncryptedPrivateKeyData encPrivData = EncryptedPrivateKeyData.getInstance(ent.getData());
            com.github.zhenwei.core.asn1.x509.Certificate[] certificates = encPrivData.getCertificateChain();
            Certificate[] chain = new X509Certificate[certificates.length];
            for (int i = 0; i != chain.length; i++) {
                chain[i] = decodeCertificate(certificates[i]);
            }
            return chain;
        }
    }
    return null;
}

Example 7 with ObjectData

use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.

the class BcFKSKeyStoreSpi method engineGetCertificateAlias.

public String engineGetCertificateAlias(Certificate certificate) {
    if (certificate == null) {
        return null;
    }
    byte[] encodedCert;
    try {
        encodedCert = certificate.getEncoded();
    } catch (CertificateEncodingException e) {
        return null;
    }
    for (Iterator<String> it = entries.keySet().iterator(); it.hasNext(); ) {
        String alias = (String) it.next();
        ObjectData ent = (ObjectData) entries.get(alias);
        if (ent.getType().equals(CERTIFICATE)) {
            if (Arrays.areEqual(ent.getData(), encodedCert)) {
                return alias;
            }
        } else if (ent.getType().equals(PRIVATE_KEY) || ent.getType().equals(PROTECTED_PRIVATE_KEY)) {
            try {
                EncryptedPrivateKeyData encPrivData = EncryptedPrivateKeyData.getInstance(ent.getData());
                if (Arrays.areEqual(encPrivData.getCertificateChain()[0].toASN1Primitive().getEncoded(), encodedCert)) {
                    return alias;
                }
            } catch (IOException e) {
            // ignore - this should never happen
            }
        }
    }
    return null;
}

Example 8 with ObjectData

use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.

the class BcFKSKeyStoreSpi method engineGetCertificate.

public Certificate engineGetCertificate(String s) {
    ObjectData ent = (ObjectData) entries.get(s);
    if (ent != null) {
        if (ent.getType().equals(PRIVATE_KEY) || ent.getType().equals(PROTECTED_PRIVATE_KEY)) {
            EncryptedPrivateKeyData encPrivData = EncryptedPrivateKeyData.getInstance(ent.getData());
            com.github.zhenwei.core.asn1.x509.Certificate[] certificates = encPrivData.getCertificateChain();
            return decodeCertificate(certificates[0]);
        } else if (ent.getType().equals(CERTIFICATE)) {
            return decodeCertificate(ent.getData());
        }
    }
    return null;
}

Example 9 with ObjectData

use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.

the class BcFKSKeyStoreSpi method engineDeleteEntry.

public void engineDeleteEntry(String alias) throws KeyStoreException {
    ObjectData entry = (ObjectData) entries.get(alias);
    if (entry == null) {
        return;
    }
    privateKeyCache.remove(alias);
    entries.remove(alias);
    lastModifiedDate = new Date();
}

Example 10 with ObjectData

use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.

the class BcFKSKeyStoreSpi method getEncryptedObjectStoreData.

private EncryptedObjectStoreData getEncryptedObjectStoreData(AlgorithmIdentifier integrityAlgorithm, char[] password) throws IOException, NoSuchAlgorithmException {
    ObjectData[] dataArray = (ObjectData[]) entries.values().toArray(new ObjectData[entries.size()]);
    KeyDerivationFunc pbkdAlgId = generatePkbdAlgorithmIdentifier(hmacPkbdAlgorithm, 256 / 8);
    byte[] keyBytes = generateKey(pbkdAlgId, "STORE_ENCRYPTION", ((password != null) ? password : new char[0]), 256 / 8);
    ObjectStoreData storeData = new ObjectStoreData(integrityAlgorithm, creationDate, lastModifiedDate, new ObjectDataSequence(dataArray), null);
    EncryptedObjectStoreData encStoreData;
    try {
        if (storeEncryptionAlgorithm.equals(NISTObjectIdentifiers.id_aes256_CCM)) {
            Cipher c = createCipher("AES/CCM/NoPadding", keyBytes);
            byte[] encOut = c.doFinal(storeData.getEncoded());
            AlgorithmParameters algorithmParameters = c.getParameters();
            PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_CCM, CCMParameters.getInstance(algorithmParameters.getEncoded())));
            encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
        } else {
            Cipher c = createCipher("AESKWP", keyBytes);
            byte[] encOut = c.doFinal(storeData.getEncoded());
            PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_wrap_pad));
            encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
        }
    } catch (NoSuchPaddingException e) {
        throw new NoSuchAlgorithmException(e.toString());
    } catch (BadPaddingException e) {
        throw new IOException(e.toString());
    } catch (IllegalBlockSizeException e) {
        throw new IOException(e.toString());
    } catch (InvalidKeyException e) {
        throw new IOException(e.toString());
    } catch (NoSuchProviderException e) {
        throw new IOException(e.toString());
    }
    return encStoreData;
}