Example 96 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project jmulticard by ctt-gob-es.
the class SubjectPublicKeyInfoFactory method createSubjectPublicKeyInfo.
/**
* Create a SubjectPublicKeyInfo public key.
*
* @param publicKey the key to be encoded into the info object.
* @return a SubjectPublicKeyInfo representing the key.
* @throws java.io.IOException on an error encoding the key
*/
public static SubjectPublicKeyInfo createSubjectPublicKeyInfo(AsymmetricKeyParameter publicKey) throws IOException {
if (publicKey instanceof QTESLAPublicKeyParameters) {
QTESLAPublicKeyParameters keyParams = (QTESLAPublicKeyParameters) publicKey;
AlgorithmIdentifier algorithmIdentifier = Utils.qTeslaLookupAlgID(keyParams.getSecurityCategory());
return new SubjectPublicKeyInfo(algorithmIdentifier, keyParams.getPublicData());
} else if (publicKey instanceof SPHINCSPublicKeyParameters) {
SPHINCSPublicKeyParameters params = (SPHINCSPublicKeyParameters) publicKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256, new SPHINCS256KeyParams(Utils.sphincs256LookupTreeAlgID(params.getTreeDigest())));
return new SubjectPublicKeyInfo(algorithmIdentifier, params.getKeyData());
} else if (publicKey instanceof NHPublicKeyParameters) {
NHPublicKeyParameters params = (NHPublicKeyParameters) publicKey;
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.newHope);
return new SubjectPublicKeyInfo(algorithmIdentifier, params.getPubData());
} else if (publicKey instanceof LMSPublicKeyParameters) {
LMSPublicKeyParameters params = (LMSPublicKeyParameters) publicKey;
byte[] encoding = Composer.compose().u32str(1).bytes(params).build();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(encoding));
} else if (publicKey instanceof HSSPublicKeyParameters) {
HSSPublicKeyParameters params = (HSSPublicKeyParameters) publicKey;
byte[] encoding = Composer.compose().u32str(params.getL()).bytes(params.getLMSPublicKey()).build();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig);
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(encoding));
} else if (publicKey instanceof SPHINCSPlusPublicKeyParameters) {
SPHINCSPlusPublicKeyParameters params = (SPHINCSPlusPublicKeyParameters) publicKey;
byte[] encoding = params.getEncoded();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(Utils.sphincsPlusOidLookup(params.getParameters()));
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(encoding));
} else if (publicKey instanceof CMCEPublicKeyParameters) {
CMCEPublicKeyParameters params = (CMCEPublicKeyParameters) publicKey;
byte[] encoding = params.getEncoded();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(Utils.mcElieceOidLookup(params.getParameters()));
// https://datatracker.ietf.org/doc/draft-uni-qsckeys/
return new SubjectPublicKeyInfo(algorithmIdentifier, new CMCEPublicKey(encoding));
} else if (publicKey instanceof XMSSPublicKeyParameters) {
XMSSPublicKeyParameters keyParams = (XMSSPublicKeyParameters) publicKey;
byte[] publicSeed = keyParams.getPublicSeed();
byte[] root = keyParams.getRoot();
byte[] keyEnc = keyParams.getEncoded();
if (keyEnc.length > publicSeed.length + root.length) {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(IsaraObjectIdentifiers.id_alg_xmss);
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(keyEnc));
} else {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss, new XMSSKeyParams(keyParams.getParameters().getHeight(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
return new SubjectPublicKeyInfo(algorithmIdentifier, new XMSSPublicKey(publicSeed, root));
}
} else if (publicKey instanceof XMSSMTPublicKeyParameters) {
XMSSMTPublicKeyParameters keyParams = (XMSSMTPublicKeyParameters) publicKey;
byte[] publicSeed = keyParams.getPublicSeed();
byte[] root = keyParams.getRoot();
byte[] keyEnc = keyParams.getEncoded();
if (keyEnc.length > publicSeed.length + root.length) {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(IsaraObjectIdentifiers.id_alg_xmssmt);
return new SubjectPublicKeyInfo(algorithmIdentifier, new DEROctetString(keyEnc));
} else {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss_mt, new XMSSMTKeyParams(keyParams.getParameters().getHeight(), keyParams.getParameters().getLayers(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
return new SubjectPublicKeyInfo(algorithmIdentifier, new XMSSMTPublicKey(keyParams.getPublicSeed(), keyParams.getRoot()));
}
} else if (publicKey instanceof McElieceCCA2PublicKeyParameters) {
McElieceCCA2PublicKeyParameters pub = (McElieceCCA2PublicKeyParameters) publicKey;
McElieceCCA2PublicKey mcEliecePub = new McElieceCCA2PublicKey(pub.getN(), pub.getT(), pub.getG(), Utils.getAlgorithmIdentifier(pub.getDigest()));
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcElieceCca2);
return new SubjectPublicKeyInfo(algorithmIdentifier, mcEliecePub);
} else if (publicKey instanceof FrodoPublicKeyParameters) {
FrodoPublicKeyParameters params = (FrodoPublicKeyParameters) publicKey;
byte[] encoding = params.getEncoded();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(Utils.frodoOidLookup(params.getParameters()));
return new SubjectPublicKeyInfo(algorithmIdentifier, (new DEROctetString(encoding)));
} else if (publicKey instanceof SABERPublicKeyParameters) {
SABERPublicKeyParameters params = (SABERPublicKeyParameters) publicKey;
byte[] encoding = params.getEncoded();
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(Utils.saberOidLookup(params.getParameters()));
// https://datatracker.ietf.org/doc/draft-uni-qsckeys/
return new SubjectPublicKeyInfo(algorithmIdentifier, new DERSequence(new DEROctetString(encoding)));
} else {
throw new IOException("key parameters not recognized");
}
}
Also used :
CMCEPublicKeyParameters(org.bouncycastle.pqc.crypto.cmce.CMCEPublicKeyParameters)
SABERPublicKeyParameters(org.bouncycastle.pqc.crypto.saber.SABERPublicKeyParameters)
XMSSKeyParams(org.bouncycastle.pqc.asn1.XMSSKeyParams)
CMCEPublicKey(org.bouncycastle.pqc.asn1.CMCEPublicKey)
LMSPublicKeyParameters(org.bouncycastle.pqc.crypto.lms.LMSPublicKeyParameters)
McElieceCCA2PublicKeyParameters(org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PublicKeyParameters)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
XMSSMTPublicKey(org.bouncycastle.pqc.asn1.XMSSMTPublicKey)
DERSequence(org.bouncycastle.asn1.DERSequence)
SPHINCSPublicKeyParameters(org.bouncycastle.pqc.crypto.sphincs.SPHINCSPublicKeyParameters)
HSSPublicKeyParameters(org.bouncycastle.pqc.crypto.lms.HSSPublicKeyParameters)
QTESLAPublicKeyParameters(org.bouncycastle.pqc.crypto.qtesla.QTESLAPublicKeyParameters)
IOException(java.io.IOException)
McElieceCCA2PublicKey(org.bouncycastle.pqc.asn1.McElieceCCA2PublicKey)
SPHINCS256KeyParams(org.bouncycastle.pqc.asn1.SPHINCS256KeyParams)
XMSSMTKeyParams(org.bouncycastle.pqc.asn1.XMSSMTKeyParams)
FrodoPublicKeyParameters(org.bouncycastle.pqc.crypto.frodo.FrodoPublicKeyParameters)
XMSSPublicKeyParameters(org.bouncycastle.pqc.crypto.xmss.XMSSPublicKeyParameters)
XMSSMTPublicKeyParameters(org.bouncycastle.pqc.crypto.xmss.XMSSMTPublicKeyParameters)
SPHINCSPlusPublicKeyParameters(org.bouncycastle.pqc.crypto.sphincsplus.SPHINCSPlusPublicKeyParameters)
NHPublicKeyParameters(org.bouncycastle.pqc.crypto.newhope.NHPublicKeyParameters)
XMSSPublicKey(org.bouncycastle.pqc.asn1.XMSSPublicKey)
Example 97 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project jmulticard by ctt-gob-es.
the class BCRainbowPrivateKey method getEncoded.
public byte[] getEncoded() {
RainbowPrivateKey privateKey = new RainbowPrivateKey(A1inv, b1, A2inv, b2, vi, layers);
PrivateKeyInfo pki;
try {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.rainbow, DERNull.INSTANCE);
pki = new PrivateKeyInfo(algorithmIdentifier, privateKey);
} catch (IOException e) {
return null;
}
try {
byte[] encoded = pki.getEncoded();
return encoded;
} catch (IOException e) {
return null;
}
}
Also used :
RainbowPrivateKey(org.bouncycastle.pqc.asn1.RainbowPrivateKey)
IOException(java.io.IOException)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 98 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project jmulticard by ctt-gob-es.
the class BCRainbowPublicKey method getEncoded.
public byte[] getEncoded() {
RainbowPublicKey key = new RainbowPublicKey(docLength, coeffquadratic, coeffsingular, coeffscalar);
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.rainbow, DERNull.INSTANCE);
return KeyUtil.getEncodedSubjectPublicKeyInfo(algorithmIdentifier, key);
}
Also used :
RainbowPublicKey(org.bouncycastle.pqc.asn1.RainbowPublicKey)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 99 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project signer by demoiselle.
the class CertificateRefs method getValue.
@Override
public Attribute getValue() throws SignerException {
try {
int chainSize = certificates.length - 1;
OtherCertID[] arrayOtherCertID = new OtherCertID[chainSize];
for (int i = 1; i <= chainSize; i++) {
X509Certificate issuerCert = null;
X509Certificate cert = (X509Certificate) certificates[i];
if (i < chainSize) {
issuerCert = (X509Certificate) certificates[i + 1];
} else {
// raiz
issuerCert = (X509Certificate) certificates[i];
}
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
byte[] certHash = digest.digest(cert.getEncoded());
// X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
X500Name dirName = new JcaX509CertificateHolder(issuerCert).getSubject();
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
OtherCertID otherCertID = new OtherCertID(algId, certHash, issuerSerial);
arrayOtherCertID[i - 1] = otherCertID;
}
return new Attribute(identifier, new DERSet(new ASN1Encodable[] { new DERSequence(arrayOtherCertID) }));
} catch (CertificateEncodingException e) {
throw new SignerException(e.getMessage());
}
}
Also used :
IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial)
Digest(org.demoiselle.signer.cryptography.Digest)
Attribute(org.bouncycastle.asn1.cms.Attribute)
UnsignedAttribute(org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.UnsignedAttribute)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
X500Name(org.bouncycastle.asn1.x500.X500Name)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)
DERSet(org.bouncycastle.asn1.DERSet)
X509Certificate(java.security.cert.X509Certificate)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
OtherCertID(org.bouncycastle.asn1.ess.OtherCertID)
DERSequence(org.bouncycastle.asn1.DERSequence)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
SignerException(org.demoiselle.signer.policy.impl.cades.SignerException)
Example 100 with AlgorithmIdentifier
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project signer by demoiselle.
the class RevocationRefs method makeCrlValidatedID.
/**
* @param crl CrlValidatedID from X509CRL
* @return a CrlValidatedID
* @throws NoSuchAlgorithmException
* @throws CRLException
*/
private CrlValidatedID makeCrlValidatedID(X509CRL crl) throws CRLException {
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
OtherHashAlgAndValue otherHashAlgAndValue = new OtherHashAlgAndValue(new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256), new DEROctetString(digest.digest(crl.getEncoded())));
OtherHash hash = new OtherHash(otherHashAlgAndValue);
BigInteger crlnumber;
CrlIdentifier crlid;
if (crl.getExtensionValue("2.5.29.20") != null) {
ASN1Integer varASN1Integer = new ASN1Integer(crl.getExtensionValue("2.5.29.20"));
crlnumber = varASN1Integer.getPositiveValue();
crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal().getName()), new DERUTCTime(crl.getThisUpdate()), crlnumber);
} else {
crlid = new CrlIdentifier(new X500Name(crl.getIssuerX500Principal().getName()), new DERUTCTime(crl.getThisUpdate()));
}
CrlValidatedID crlvid = new CrlValidatedID(hash, crlid);
return crlvid;
}
Also used :
CrlValidatedID(org.bouncycastle.asn1.esf.CrlValidatedID)
Digest(org.demoiselle.signer.cryptography.Digest)
DERUTCTime(org.bouncycastle.asn1.DERUTCTime)
BigInteger(java.math.BigInteger)
CrlIdentifier(org.bouncycastle.asn1.esf.CrlIdentifier)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
X500Name(org.bouncycastle.asn1.x500.X500Name)
OtherHashAlgAndValue(org.bouncycastle.asn1.esf.OtherHashAlgAndValue)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
OtherHash(org.bouncycastle.asn1.esf.OtherHash)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Aggregations
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)249
IOException (java.io.IOException)157
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)140
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)79
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)72
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)65
BigInteger (java.math.BigInteger)62
X500Name (org.bouncycastle.asn1.x500.X500Name)52
ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)47
Date (java.util.Date)47
ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)45
X509Certificate (java.security.cert.X509Certificate)45
ContentSigner (org.bouncycastle.operator.ContentSigner)40
DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)39
OutputStream (java.io.OutputStream)39
DERSequence (com.github.zhenwei.core.asn1.DERSequence)38
GeneralSecurityException (java.security.GeneralSecurityException)37
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)35
Cipher (javax.crypto.Cipher)33
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)33
