Example 1 with ASN1DER
use of com.mindbright.asn1.ASN1DER in project SpringRemote by HaleyWang.
the class X509Certificate method getPublicKey.
public PublicKey getPublicKey() {
SubjectPublicKeyInfo spki = certificate.tbsCertificate.subjectPublicKeyInfo;
String alg = spki.algorithm.algorithmName().toUpperCase();
ASN1DER der = new ASN1DER();
if (alg.startsWith("RSA")) {
RSAPublicKey rsa = new RSAPublicKey();
ByteArrayInputStream ba = new ByteArrayInputStream(spki.subjectPublicKey.getBitArray());
try {
der.decode(ba, rsa);
} catch (Exception e) {
throw new Error("Internal error decoding SubjectPublicKeyInfo.subjectPublicKey: " + e.getMessage());
}
try {
KeyFactory keyFact = KeyFactory.getInstance("RSA");
RSAPublicKeySpec pubSpec = new RSAPublicKeySpec(rsa.modulus.getValue(), rsa.publicExponent.getValue());
return keyFact.generatePublic(pubSpec);
} catch (Exception e) {
throw new Error("Error creating RSA key: " + e.getMessage());
}
} else if (alg.startsWith("DSA")) {
DSAPublicKey dsa = new DSAPublicKey();
ByteArrayInputStream ba = new ByteArrayInputStream(spki.subjectPublicKey.getBitArray());
try {
der.decode(ba, dsa);
} catch (Exception e) {
throw new Error("Internal error decoding SubjectPublicKeyInfo.subjectPublicKey: " + e.getMessage());
}
BigInteger y = dsa.getValue();
DSAParams dsaParams = (DSAParams) spki.algorithm.parameters.getValue();
BigInteger p = dsaParams.p.getValue();
BigInteger q = dsaParams.q.getValue();
BigInteger g = dsaParams.g.getValue();
try {
KeyFactory dsaKeyFact = KeyFactory.getInstance("DSA");
DSAPublicKeySpec dsaPubSpec = new DSAPublicKeySpec(y, p, q, g);
return dsaKeyFact.generatePublic(dsaPubSpec);
} catch (Exception e) {
throw new Error("Error creating DSA key: " + e.getMessage());
}
} else {
throw new Error("Internal error decoding publicKey: unknown algorithm");
}
}
Also used :
ASN1DER(com.mindbright.asn1.ASN1DER)
ASN1IA5String(com.mindbright.asn1.ASN1IA5String)
RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec)
DSAParams(com.mindbright.security.pkcs1.DSAParams)
SignatureException(java.security.SignatureException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
NoSuchProviderException(java.security.NoSuchProviderException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
DSAPublicKey(com.mindbright.security.pkcs1.DSAPublicKey)
RSAPublicKey(com.mindbright.security.pkcs1.RSAPublicKey)
ByteArrayInputStream(java.io.ByteArrayInputStream)
BigInteger(java.math.BigInteger)
KeyFactory(java.security.KeyFactory)
DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)
Example 2 with ASN1DER
use of com.mindbright.asn1.ASN1DER in project SpringRemote by HaleyWang.
the class SSH2DSS method verify.
public boolean verify(byte[] sigBlob, byte[] data) throws SSH2SignatureException {
try {
byte[] sigRaw = decodeSignature(sigBlob);
signature.update(data);
int slen = sigRaw.length / 2;
byte[] ra = new byte[slen];
byte[] sa = new byte[slen];
System.arraycopy(sigRaw, 0, ra, 0, slen);
System.arraycopy(sigRaw, slen, sa, 0, slen);
BigInteger r = new BigInteger(1, ra);
BigInteger s = new BigInteger(1, sa);
DSASIG dsasig = new DSASIG(r, s);
ByteArrayOutputStream enc = new ByteArrayOutputStream(128);
ASN1DER der = new ASN1DER();
try {
der.encode(enc, dsasig);
} catch (IOException ioe) {
throw new SSH2SignatureException("DER encode failed: " + ioe.getMessage());
}
return signature.verify(enc.toByteArray());
} catch (SignatureException e) {
throw new SSH2SignatureException("Error in " + algorithm + " verify: " + e.getMessage());
}
}
Also used :
ASN1DER(com.mindbright.asn1.ASN1DER)
BigInteger(java.math.BigInteger)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
SignatureException(java.security.SignatureException)
Example 3 with ASN1DER
use of com.mindbright.asn1.ASN1DER in project SpringRemote by HaleyWang.
the class SSH2ECDSASHA2NIST method verify.
public boolean verify(byte[] sigBlob, byte[] data) throws SSH2SignatureException {
try {
signature.update(data);
byte[] sigRaw = decodeSignature(sigBlob);
SSH2DataBuffer buf = new SSH2DataBuffer(sigRaw.length);
buf.writeRaw(sigRaw);
BigInteger r = buf.readBigInt();
BigInteger s = buf.readBigInt();
SSH2DSS.DSASIG dsasig = new SSH2DSS.DSASIG(r, s);
ByteArrayOutputStream enc = new ByteArrayOutputStream(128);
ASN1DER der = new ASN1DER();
try {
der.encode(enc, dsasig);
} catch (IOException ioe) {
throw new SSH2SignatureException("DER encode failed: " + ioe.getMessage());
}
return signature.verify(enc.toByteArray());
} catch (SignatureException e) {
throw new SSH2SignatureException("Error in " + algorithm + " verify: " + e.getMessage());
}
}
Also used :
ASN1DER(com.mindbright.asn1.ASN1DER)
BigInteger(java.math.BigInteger)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
SignatureException(java.security.SignatureException)
Example 4 with ASN1DER
use of com.mindbright.asn1.ASN1DER in project SpringRemote by HaleyWang.
the class PKCS12KeyStore method extractPrivateKey.
/*
* !!! TODO generalize handling and move to pkcs8 or pkcs1
*/
public static PrivateKey extractPrivateKey(byte[] berPrivateKeyInfo) throws UnrecoverableKeyException {
ASN1DER ber = new ASN1DER();
ByteArrayInputStream ba = new ByteArrayInputStream(berPrivateKeyInfo);
PrivateKeyInfo pki = new PrivateKeyInfo();
try {
ber.decode(ba, pki);
boolean isrsakey = true;
try {
String alg = pki.privateKeyAlgorithm.algorithmName().toLowerCase();
if (alg.indexOf("dsa") >= 0)
isrsakey = false;
} catch (Throwable t) {
}
ba = new ByteArrayInputStream(pki.privateKey.getRaw());
if (isrsakey) {
com.mindbright.security.pkcs1.RSAPrivateKey rsa = new com.mindbright.security.pkcs1.RSAPrivateKey();
ber.decode(ba, rsa);
BigInteger n, e, d, p, q, pe, qe, u;
n = rsa.modulus.getValue();
e = rsa.publicExponent.getValue();
d = rsa.privateExponent.getValue();
p = rsa.prime1.getValue();
q = rsa.prime2.getValue();
pe = rsa.exponent1.getValue();
qe = rsa.exponent2.getValue();
u = rsa.coefficient.getValue();
RSAPrivateCrtKeySpec prvSpec = new RSAPrivateCrtKeySpec(n, e, d, p, q, pe, qe, u);
KeyFactory keyFact = KeyFactory.getInstance("RSA");
return keyFact.generatePrivate(prvSpec);
}
BigInteger x = null;
try {
// Normally, we should have just one ASN.1 integer here...
ASN1Integer dsax = new ASN1Integer();
ber.decode(ba, dsax);
x = dsax.getValue();
} catch (Throwable t) {
}
if (x == null) {
// ... but Mozilla returns SEQUENCE { y? INTEGER, x INTEGER }
DSAyx dsayx = new DSAyx();
ber.decode(new ByteArrayInputStream(pki.privateKey.getRaw()), dsayx);
x = dsayx.x.getValue();
}
com.mindbright.security.pkcs1.DSAParams params = (com.mindbright.security.pkcs1.DSAParams) pki.privateKeyAlgorithm.parameters.getValue();
DSAPrivateKeySpec prvSpec = new DSAPrivateKeySpec(x, params.p.getValue(), params.q.getValue(), params.g.getValue());
KeyFactory keyFact = KeyFactory.getInstance("DSA");
return keyFact.generatePrivate(prvSpec);
} catch (Exception e) {
throw new UnrecoverableKeyException(e.getMessage());
}
}
Also used :
RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec)
ASN1DER(com.mindbright.asn1.ASN1DER)
ASN1OctetString(com.mindbright.asn1.ASN1OctetString)
ASN1CharString(com.mindbright.asn1.ASN1CharString)
ASN1Integer(com.mindbright.asn1.ASN1Integer)
KeyStoreException(java.security.KeyStoreException)
GeneralSecurityException(java.security.GeneralSecurityException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
BigInteger(java.math.BigInteger)
PrivateKeyInfo(com.mindbright.security.pkcs8.PrivateKeyInfo)
EncryptedPrivateKeyInfo(com.mindbright.security.pkcs8.EncryptedPrivateKeyInfo)
KeyFactory(java.security.KeyFactory)
Example 5 with ASN1DER
use of com.mindbright.asn1.ASN1DER in project SpringRemote by HaleyWang.
the class PKCS12KeyStore method processSafeContents.
private void processSafeContents(byte[] scBer) throws IOException {
ByteArrayInputStream ba = new ByteArrayInputStream(scBer);
SafeContents sc = new SafeContents();
ASN1DER ber = new ASN1DER();
ber.decode(ba, sc);
for (int j = 0; j < sc.getCount(); j++) {
SafeBag safeBag = sc.getSafeBag(j);
String friendlyName = getAttribute(safeBag, "1.2.840.113549.1.9.20");
String localKeyId = getAttribute(safeBag, "1.2.840.113549.1.9.21");
if (friendlyName != null) {
if (localKeyId != null) {
name2id.put(friendlyName, localKeyId);
}
if (!aliases.contains(friendlyName)) {
aliases.addElement(friendlyName);
}
} else if (localKeyId != null) {
name2id.put(localKeyId, localKeyId);
if (!aliases.contains(localKeyId)) {
aliases.addElement(localKeyId);
}
}
switch(safeBag.getBagType()) {
case SafeBag.TYPE_PKCS8_SHROUDED_KEYBAG:
EncryptedPrivateKeyInfo keyBag = (EncryptedPrivateKeyInfo) safeBag.bagValue.getValue();
privateKeys.put(localKeyId, keyBag);
break;
case SafeBag.TYPE_CERTBAG:
CertBag cb = (CertBag) safeBag.bagValue.getValue();
byte[] derCert = ((ASN1OctetString) cb.certValue.getValue()).getRaw();
if (localKeyId == null) {
/*
* Trusted certs don't have a localKeyId
*/
localKeyId = friendlyName;
} else {
certificates.put(localKeyId, derCert);
}
break;
default:
throw new IOException("SafeBag type not supported: " + safeBag.bagId.getString());
}
}
}
Also used :
ASN1OctetString(com.mindbright.asn1.ASN1OctetString)
CertBag(com.mindbright.security.pkcs12.CertBag)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ASN1DER(com.mindbright.asn1.ASN1DER)
EncryptedPrivateKeyInfo(com.mindbright.security.pkcs8.EncryptedPrivateKeyInfo)
SafeContents(com.mindbright.security.pkcs12.SafeContents)
ASN1OctetString(com.mindbright.asn1.ASN1OctetString)
ASN1CharString(com.mindbright.asn1.ASN1CharString)
IOException(java.io.IOException)
SafeBag(com.mindbright.security.pkcs12.SafeBag)
Aggregations
ASN1DER (com.mindbright.asn1.ASN1DER)15
IOException (java.io.IOException)13
ByteArrayInputStream (java.io.ByteArrayInputStream)10
BigInteger (java.math.BigInteger)7
ASN1OctetString (com.mindbright.asn1.ASN1OctetString)5
SignatureException (java.security.SignatureException)5
ASN1CharString (com.mindbright.asn1.ASN1CharString)4
ByteArrayOutputStream (java.io.ByteArrayOutputStream)4
EncryptedPrivateKeyInfo (com.mindbright.security.pkcs8.EncryptedPrivateKeyInfo)3
KeyFactory (java.security.KeyFactory)3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3
DSAParams (java.security.interfaces.DSAParams)3
ASN1Object (com.mindbright.asn1.ASN1Object)2
PKCS12PbeParams (com.mindbright.security.pkcs12.PKCS12PbeParams)2
GeneralSecurityException (java.security.GeneralSecurityException)2
InvalidKeyException (java.security.InvalidKeyException)2
UnrecoverableKeyException (java.security.UnrecoverableKeyException)2
CertificateException (java.security.cert.CertificateException)2
DSAPrivateKey (java.security.interfaces.DSAPrivateKey)2
DSAPublicKey (java.security.interfaces.DSAPublicKey)2
