use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project modules by assimbly.
the class CertificatesUtil method createSubjectKeyId.
/**
* Creates the hash value of the public key.
*
* @param publicKey of the certificate
*
* @return SubjectKeyIdentifier hash
*
* @throws OperatorCreationException
*/
private static SubjectKeyIdentifier createSubjectKeyId(final PublicKey publicKey) throws OperatorCreationException {
final SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
final DigestCalculator digCalc = new BcDigestCalculatorProvider().get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1));
return new X509ExtensionUtils(digCalc).createSubjectKeyIdentifier(publicKeyInfo);
}
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project alibabacloud-dkms-gcs-java-sdk by aliyun.
the class SHA256withRSASigner method formatPkcs1ToPkcs8.
private byte[] formatPkcs1ToPkcs8(byte[] pkcs1PrivateKey) {
try (ASN1InputStream asn1InputStream = new ASN1InputStream(pkcs1PrivateKey)) {
AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
ASN1Primitive asn1Object = asn1InputStream.readObject();
PrivateKeyInfo privKeyInfo = new PrivateKeyInfo(algorithmIdentifier, asn1Object);
return privKeyInfo.getEncoded();
} catch (IOException e) {
throw new IllegalArgumentException(e.toString());
}
}
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project mercury by yellow013.
the class Digester method sha256.
public static DigestCalculator sha256() {
Digest digest = new SHA256Digest();
// The OID for SHA-256: http://www.oid-info.com/get/2.16.840.1.101.3.4.2.1
ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier("2.16.840.1.101.3.4.2.1").intern();
AlgorithmIdentifier algId = new AlgorithmIdentifier(oid);
return new Digester(digest, algId);
}
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project conformance-suite by openid-certification.
the class ValidateMTLSCertificatesAsX509 method verifyECPrivateKey.
private void verifyECPrivateKey(String certString, String keyString, byte[] decodedKey, X509Certificate certificate) {
PrivateKey privateKey;
try {
// try to generate private key is PKCS8
KeySpec kspec = new PKCS8EncodedKeySpec(decodedKey);
privateKey = KeyFactory.getInstance("EC", "BC").generatePrivate(kspec);
} catch (InvalidKeySpecException e) {
try {
// try to generate private key isn't PKCS8
ASN1Sequence seq = ASN1Sequence.getInstance(decodedKey);
org.bouncycastle.asn1.sec.ECPrivateKey pKey = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(seq);
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParameters());
byte[] server_pkcs8 = new PrivateKeyInfo(algId, pKey).getEncoded();
privateKey = KeyFactory.getInstance("EC", "BC").generatePrivate(new PKCS8EncodedKeySpec(server_pkcs8));
} catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException | NoSuchProviderException ex) {
throw error("Couldn't generate private key", e, args("key", keyString));
}
} catch (NoSuchProviderException | NoSuchAlgorithmException e) {
throw error("Provider or Algorithm of KeyFactory is invalid", e);
}
// TODO: Need to check that the private key and the certificate match
// This check isn't sure yet
ECPublicKey ecPublicKey = (ECPublicKey) certificate.getPublicKey();
if (!((ECPrivateKey) privateKey).getParameters().equals(ecPublicKey.getParameters())) {
throw error("MTLS Private Key and Cert do not match", args("cert", certString, "key", keyString));
}
}
use of com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier in project PdfBox-Android by TomRoush.
the class PublicKeySecurityHandler method createDERForRecipient.
private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert) throws IOException, GeneralSecurityException {
String algorithm = PKCSObjectIdentifiers.RC2_CBC.getId();
AlgorithmParameterGenerator apg;
KeyGenerator keygen;
Cipher cipher;
try {
apg = AlgorithmParameterGenerator.getInstance(algorithm, SecurityProvider.getProvider());
keygen = KeyGenerator.getInstance(algorithm, SecurityProvider.getProvider());
cipher = Cipher.getInstance(algorithm, SecurityProvider.getProvider());
} catch (NoSuchAlgorithmException e) {
// happens when using the command line app .jar file
throw new IOException("Could not find a suitable javax.crypto provider for algorithm " + algorithm + "; possible reason: using an unsigned .jar file", e);
} catch (NoSuchPaddingException e) {
// should never happen, if this happens throw IOException instead
throw new RuntimeException("Could not find a suitable javax.crypto provider", e);
}
AlgorithmParameters parameters = apg.generateParameters();
ASN1InputStream input = new ASN1InputStream(parameters.getEncoded("ASN.1"));
ASN1Primitive object = input.readObject();
input.close();
keygen.init(128);
SecretKey secretkey = keygen.generateKey();
cipher.init(1, secretkey, parameters);
byte[] bytes = cipher.doFinal(in);
KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert, secretkey.getEncoded());
DERSet set = new DERSet(new RecipientInfo(recipientInfo));
AlgorithmIdentifier algorithmId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(algorithm), object);
EncryptedContentInfo encryptedInfo = new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmId, new DEROctetString(bytes));
EnvelopedData enveloped = new EnvelopedData(null, set, encryptedInfo, (ASN1Set) null);
ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.envelopedData, enveloped);
return contentInfo.toASN1Primitive();
}
Aggregations