Example 76 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project runwar by cfmlprojects.
the class SelfSignedCertificate method generateCertificate.
private static X509Certificate generateCertificate(String fqdn, KeyPair keypair, SecureRandom random) throws Exception {
final X500Name subject = new X500Name("CN=" + fqdn);
final SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keypair.getPublic().getEncoded());
final AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
final AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
final AsymmetricKeyParameter keyParam = PrivateKeyFactory.createKey(keypair.getPrivate().getEncoded());
final ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(keyParam);
X509v3CertificateBuilder v3CertBuilder = new X509v3CertificateBuilder(subject, new BigInteger(64, random), NOT_BEFORE, NOT_AFTER, subject, subPubKeyInfo);
v3CertBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
v3CertBuilder.addExtension(Extension.keyUsage, true, new X509KeyUsage(X509KeyUsage.digitalSignature | X509KeyUsage.nonRepudiation | X509KeyUsage.keyEncipherment | X509KeyUsage.dataEncipherment));
v3CertBuilder.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(keypair.getPublic()));
JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
X509Certificate cert = converter.getCertificate(v3CertBuilder.build(sigGen));
cert.checkValidity();
cert.verify(keypair.getPublic());
return cert;
}
Also used :
ContentSigner(org.bouncycastle.operator.ContentSigner)
X500Name(org.bouncycastle.asn1.x500.X500Name)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
X509Certificate(java.security.cert.X509Certificate)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter)
X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder)
JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)
BigInteger(java.math.BigInteger)
BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints)
X509KeyUsage(org.bouncycastle.jce.X509KeyUsage)
Example 77 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project BiglyBT by BiglySoftware.
the class PKCS10CertificationRequest method getPublicKey.
public PublicKey getPublicKey(String provider) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
SubjectPublicKeyInfo subjectPKInfo = reqInfo.getSubjectPublicKeyInfo();
try {
X509EncodedKeySpec xspec = new X509EncodedKeySpec(new DERBitString(subjectPKInfo).getBytes());
AlgorithmIdentifier keyAlg = subjectPKInfo.getAlgorithmId();
return KeyFactory.getInstance(keyAlg.getObjectId().getId(), provider).generatePublic(xspec);
} catch (InvalidKeySpecException e) {
throw new InvalidKeyException("error encoding public key");
}
}
Also used :
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
SubjectPublicKeyInfo(org.gudy.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
AlgorithmIdentifier(org.gudy.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 78 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project BiglyBT by BiglySoftware.
the class PKCS7SignedData method getEncoded.
/**
* return the bytes for the PKCS7SignedData object.
*/
public byte[] getEncoded() {
try {
digest = sig.sign();
// Create the set of Hash algorithms. I've assumed this is the
// set of all hash agorithms used to created the digest in the
// "signerInfo" structure. I may be wrong.
//
ASN1EncodableVector v = new ASN1EncodableVector();
for (Iterator i = digestalgos.iterator(); i.hasNext(); ) {
AlgorithmIdentifier a = new AlgorithmIdentifier(new DERObjectIdentifier((String) i.next()), null);
v.add(a);
}
DERSet algos = new DERSet(v);
// Create the contentInfo. Empty, I didn't implement this bit
//
DERSequence contentinfo = new DERSequence(new DERObjectIdentifier(ID_PKCS7_DATA));
// Get all the certificates
//
v = new ASN1EncodableVector();
for (Iterator i = certs.iterator(); i.hasNext(); ) {
DERInputStream tempstream = new DERInputStream(new ByteArrayInputStream(((X509Certificate) i.next()).getEncoded()));
v.add(tempstream.readObject());
}
DERSet dercertificates = new DERSet(v);
// Create signerinfo structure.
//
ASN1EncodableVector signerinfo = new ASN1EncodableVector();
// Add the signerInfo version
//
signerinfo.add(new DERInteger(signerversion));
IssuerAndSerialNumber isAnds = new IssuerAndSerialNumber(new X509Name((ASN1Sequence) getIssuer(signCert.getTBSCertificate())), new DERInteger(signCert.getSerialNumber()));
signerinfo.add(isAnds);
// Add the digestAlgorithm
//
signerinfo.add(new AlgorithmIdentifier(new DERObjectIdentifier(digestAlgorithm), new DERNull()));
//
// Add the digestEncryptionAlgorithm
//
signerinfo.add(new AlgorithmIdentifier(new DERObjectIdentifier(digestEncryptionAlgorithm), new DERNull()));
//
// Add the digest
//
signerinfo.add(new DEROctetString(digest));
//
// Finally build the body out of all the components above
//
ASN1EncodableVector body = new ASN1EncodableVector();
body.add(new DERInteger(version));
body.add(algos);
body.add(contentinfo);
body.add(new DERTaggedObject(false, 0, dercertificates));
if (crls.size() > 0) {
v = new ASN1EncodableVector();
for (Iterator i = crls.iterator(); i.hasNext(); ) {
DERInputStream t = new DERInputStream(new ByteArrayInputStream((((X509CRL) i.next()).getEncoded())));
v.add(t.readObject());
}
DERSet dercrls = new DERSet(v);
body.add(new DERTaggedObject(false, 1, dercrls));
}
// Only allow one signerInfo
//
body.add(new DERSet(new DERSequence(signerinfo)));
// Now we have the body, wrap it in it's PKCS7Signed shell
// and return it
//
ASN1EncodableVector whole = new ASN1EncodableVector();
whole.add(new DERObjectIdentifier(ID_PKCS7_SIGNED_DATA));
whole.add(new DERTaggedObject(0, new DERSequence(body)));
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dout = new DEROutputStream(bOut);
dout.writeObject(new DERSequence(whole));
dout.close();
return bOut.toByteArray();
} catch (Exception e) {
throw new RuntimeException(e.toString());
}
}
Also used :
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
AlgorithmIdentifier(org.gudy.bouncycastle.asn1.x509.AlgorithmIdentifier)
X509Name(org.gudy.bouncycastle.asn1.x509.X509Name)
ByteArrayInputStream(java.io.ByteArrayInputStream)
Example 79 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project BiglyBT by BiglySoftware.
the class JCEECPrivateKey method getEncoded.
/**
* Return a PKCS8 representation of the key. The sequence returned
* represents a full PrivateKeyInfo object.
*
* @return a PKCS8 representation of the key.
*/
@Override
public byte[] getEncoded() {
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
X962Parameters params = null;
if (ecSpec instanceof ECNamedCurveParameterSpec) {
params = new X962Parameters(X962NamedCurves.getOID(((ECNamedCurveParameterSpec) ecSpec).getName()));
} else {
X9ECParameters ecP = new X9ECParameters(ecSpec.getCurve(), ecSpec.getG(), ecSpec.getN(), ecSpec.getH(), ecSpec.getSeed());
params = new X962Parameters(ecP);
}
PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), new ECPrivateKeyStructure(this.getD()).getDERObject());
try {
dOut.writeObject(info);
dOut.close();
} catch (IOException e) {
throw new RuntimeException("Error encoding EC private key");
}
return bOut.toByteArray();
}
Also used :
X962Parameters(org.gudy.bouncycastle.asn1.x9.X962Parameters)
X9ECParameters(org.gudy.bouncycastle.asn1.x9.X9ECParameters)
ECNamedCurveParameterSpec(org.gudy.bouncycastle.jce.spec.ECNamedCurveParameterSpec)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
ECPrivateKeyStructure(org.gudy.bouncycastle.asn1.sec.ECPrivateKeyStructure)
IOException(java.io.IOException)
PrivateKeyInfo(org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo)
AlgorithmIdentifier(org.gudy.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 80 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project BiglyBT by BiglySoftware.
the class JCEECPublicKey method getEncoded.
@Override
public byte[] getEncoded() {
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
X962Parameters params = null;
if (ecSpec instanceof ECNamedCurveParameterSpec) {
params = new X962Parameters(X962NamedCurves.getOID(((ECNamedCurveParameterSpec) ecSpec).getName()));
} else {
X9ECParameters ecP = new X9ECParameters(ecSpec.getCurve(), ecSpec.getG(), ecSpec.getN(), ecSpec.getH(), ecSpec.getSeed());
params = new X962Parameters(ecP);
}
ASN1OctetString p = (ASN1OctetString) (new X9ECPoint(this.getQ()).getDERObject());
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), p.getOctets());
try {
dOut.writeObject(info);
dOut.close();
} catch (IOException e) {
throw new RuntimeException("Error encoding EC public key");
}
return bOut.toByteArray();
}
Also used :
ECNamedCurveParameterSpec(org.gudy.bouncycastle.jce.spec.ECNamedCurveParameterSpec)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
SubjectPublicKeyInfo(org.gudy.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
AlgorithmIdentifier(org.gudy.bouncycastle.asn1.x509.AlgorithmIdentifier)
Aggregations
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)249
IOException (java.io.IOException)157
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)140
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)79
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)72
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)65
BigInteger (java.math.BigInteger)62
X500Name (org.bouncycastle.asn1.x500.X500Name)52
ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)47
Date (java.util.Date)47
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)45
X509Certificate (java.security.cert.X509Certificate)45
ContentSigner (org.bouncycastle.operator.ContentSigner)40
DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)39
OutputStream (java.io.OutputStream)39
DERSequence (com.github.zhenwei.core.asn1.DERSequence)38
GeneralSecurityException (java.security.GeneralSecurityException)37
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)35
Cipher (javax.crypto.Cipher)33
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)33
