Examples with PKMACValue com.github.zhenwei.pkix.util.asn1.crmf.PKMACValue used on opensource projects

Example 1 with PKMACValue

use of com.github.zhenwei.pkix.util.asn1.crmf.PKMACValue in project LinLong-Java by zhenwei1108.

the class CertificateRequestMessage method isValidSigningKeyPOP.

/**
 * Return whether or not a signing key proof-of-possession (POP), with an associated PKMAC, is
 * valid.
 *
 * @param verifierProvider a provider that can produce content verifiers for the signature
 *                         contained in this POP.
 * @param macBuilder       a suitable PKMACBuilder to create the MAC verifier.
 * @param password         the password used to key the MAC calculation.
 * @return true if the POP is valid, false otherwise.
 * @throws CRMFException         if there is a problem in verification or content verifier
 *                               creation.
 * @throws IllegalStateException if POP not appropriate.
 */
public boolean isValidSigningKeyPOP(ContentVerifierProvider verifierProvider, PKMACBuilder macBuilder, char[] password) throws CRMFException, IllegalStateException {
    ProofOfPossession pop = certReqMsg.getPopo();
    if (pop.getType() == popSigningKey) {
        POPOSigningKey popoSign = POPOSigningKey.getInstance(pop.getObject());
        if (popoSign.getPoposkInput() == null || popoSign.getPoposkInput().getSender() != null) {
            throw new IllegalStateException("no PKMAC present in proof of possession");
        }
        PKMACValue pkMAC = popoSign.getPoposkInput().getPublicKeyMAC();
        PKMACValueVerifier macVerifier = new PKMACValueVerifier(macBuilder);
        if (macVerifier.isValid(pkMAC, password, this.getCertTemplate().getPublicKey())) {
            return verifySignature(verifierProvider, popoSign);
        }
        return false;
    } else {
        throw new IllegalStateException("not Signing Key type of proof of possession");
    }
}

Example 2 with PKMACValue

use of com.github.zhenwei.pkix.util.asn1.crmf.PKMACValue in project LinLong-Java by zhenwei1108.

the class PKMACValueGenerator method generate.

public PKMACValue generate(char[] password, SubjectPublicKeyInfo keyInfo) throws CRMFException {
    MacCalculator calculator = builder.build(password);
    OutputStream macOut = calculator.getOutputStream();
    try {
        macOut.write(keyInfo.getEncoded(ASN1Encoding.DER));
        macOut.close();
    } catch (IOException e) {
        throw new CRMFException("exception encoding mac input: " + e.getMessage(), e);
    }
    return new PKMACValue(calculator.getAlgorithmIdentifier(), new DERBitString(calculator.getMac()));
}