Search in sources :

Example 71 with ASN1BitString

use of com.unboundid.asn1.ASN1BitString in project LinLong-Java by zhenwei1108.

the class JCEECPublicKey method populateFromPubKeyInfo.

private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) {
    AlgorithmIdentifier algID = info.getAlgorithm();
    if (algID.getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001)) {
        ASN1BitString bits = info.getPublicKeyData();
        ASN1OctetString key;
        this.algorithm = "ECGOST3410";
        try {
            key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
        } catch (IOException ex) {
            throw new IllegalArgumentException("error recovering public key");
        }
        byte[] keyEnc = key.getOctets();
        byte[] x9Encoding = new byte[65];
        x9Encoding[0] = 0x04;
        for (int i = 1; i <= 32; ++i) {
            x9Encoding[i] = keyEnc[32 - i];
            x9Encoding[i + 32] = keyEnc[64 - i];
        }
        gostParams = GOST3410PublicKeyAlgParameters.getInstance(algID.getParameters());
        ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
        ECCurve curve = spec.getCurve();
        EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
        this.q = curve.decodePoint(x9Encoding);
        ecSpec = new ECNamedCurveSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), ellipticCurve, EC5Util.convertPoint(spec.getG()), spec.getN(), spec.getH());
    } else {
        X962Parameters params = X962Parameters.getInstance(algID.getParameters());
        ECCurve curve;
        EllipticCurve ellipticCurve;
        if (params.isNamedCurve()) {
            ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) params.getParameters();
            X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
            curve = ecP.getCurve();
            ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
            ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH());
        } else if (params.isImplicitlyCA()) {
            ecSpec = null;
            curve = WeGooProvider.CONFIGURATION.getEcImplicitlyCa().getCurve();
        } else {
            X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
            curve = ecP.getCurve();
            ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
            this.ecSpec = new ECParameterSpec(ellipticCurve, EC5Util.convertPoint(ecP.getG()), ecP.getN(), ecP.getH().intValue());
        }
        ASN1BitString bits = info.getPublicKeyData();
        byte[] data = bits.getBytes();
        ASN1OctetString key = new DEROctetString(data);
        // 
        if (data[0] == 0x04 && data[1] == data.length - 2 && (data[2] == 0x02 || data[2] == 0x03)) {
            int qLength = new X9IntegerConverter().getByteLength(curve);
            if (qLength >= data.length - 3) {
                try {
                    key = (ASN1OctetString) ASN1Primitive.fromByteArray(data);
                } catch (IOException ex) {
                    throw new IllegalArgumentException("error recovering public key");
                }
            }
        }
        X9ECPoint derQ = new X9ECPoint(curve, key);
        this.q = derQ.getPoint();
    }
}
Also used : ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) X9ECParameters(com.github.zhenwei.core.asn1.x9.X9ECParameters) X9IntegerConverter(com.github.zhenwei.core.asn1.x9.X9IntegerConverter) IOException(java.io.IOException) ASN1BitString(com.github.zhenwei.core.asn1.ASN1BitString) X9ECPoint(com.github.zhenwei.core.asn1.x9.X9ECPoint) ECPoint(java.security.spec.ECPoint) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier) X962Parameters(com.github.zhenwei.core.asn1.x9.X962Parameters) EllipticCurve(java.security.spec.EllipticCurve) ECParameterSpec(java.security.spec.ECParameterSpec) X9ECPoint(com.github.zhenwei.core.asn1.x9.X9ECPoint) ECNamedCurveParameterSpec(com.github.zhenwei.provider.jce.spec.ECNamedCurveParameterSpec) ECCurve(com.github.zhenwei.core.math.ec.ECCurve) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) ECNamedCurveSpec(com.github.zhenwei.provider.jce.spec.ECNamedCurveSpec)

Example 72 with ASN1BitString

use of com.unboundid.asn1.ASN1BitString in project LinLong-Java by zhenwei1108.

the class X509CertificateObject method getSubjectUniqueID.

public boolean[] getSubjectUniqueID() {
    ASN1BitString id = c.getTBSCertificate().getSubjectUniqueId();
    if (id != null) {
        byte[] bytes = id.getBytes();
        boolean[] boolId = new boolean[bytes.length * 8 - id.getPadBits()];
        for (int i = 0; i != boolId.length; i++) {
            boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
        }
        return boolId;
    }
    return null;
}
Also used : ASN1BitString(com.github.zhenwei.core.asn1.ASN1BitString)

Example 73 with ASN1BitString

use of com.unboundid.asn1.ASN1BitString in project ldapsdk by pingidentity.

the class X509Certificate method encode.

/**
 * Encodes this X.509 certificate to an ASN.1 element.
 *
 * @return  The encoded X.509 certificate.
 *
 * @throws  CertException  If a problem is encountered while trying to encode
 *                         the X.509 certificate.
 */
@NotNull()
ASN1Element encode() throws CertException {
    try {
        final ArrayList<ASN1Element> tbsCertificateElements = new ArrayList<>(10);
        if (version != X509CertificateVersion.V1) {
            tbsCertificateElements.add(new ASN1Element(TYPE_EXPLICIT_VERSION, new ASN1Integer(version.getIntValue()).encode()));
        }
        tbsCertificateElements.add(new ASN1BigInteger(serialNumber));
        if (signatureAlgorithmParameters == null) {
            tbsCertificateElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(signatureAlgorithmOID)));
        } else {
            tbsCertificateElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(signatureAlgorithmOID), signatureAlgorithmParameters));
        }
        tbsCertificateElements.add(encodeName(issuerDN));
        tbsCertificateElements.add(encodeValiditySequence(notBefore, notAfter));
        tbsCertificateElements.add(encodeName(subjectDN));
        if (publicKeyAlgorithmParameters == null) {
            tbsCertificateElements.add(new ASN1Sequence(new ASN1Sequence(new ASN1ObjectIdentifier(publicKeyAlgorithmOID)), encodedPublicKey));
        } else {
            tbsCertificateElements.add(new ASN1Sequence(new ASN1Sequence(new ASN1ObjectIdentifier(publicKeyAlgorithmOID), publicKeyAlgorithmParameters), encodedPublicKey));
        }
        if (issuerUniqueID != null) {
            tbsCertificateElements.add(new ASN1BitString(TYPE_IMPLICIT_ISSUER_UNIQUE_ID, issuerUniqueID.getBits()));
        }
        if (subjectUniqueID != null) {
            tbsCertificateElements.add(new ASN1BitString(TYPE_IMPLICIT_SUBJECT_UNIQUE_ID, subjectUniqueID.getBits()));
        }
        if (!extensions.isEmpty()) {
            final ArrayList<ASN1Element> extensionElements = new ArrayList<>(extensions.size());
            for (final X509CertificateExtension e : extensions) {
                extensionElements.add(e.encode());
            }
            tbsCertificateElements.add(new ASN1Element(TYPE_EXPLICIT_EXTENSIONS, new ASN1Sequence(extensionElements).encode()));
        }
        final ArrayList<ASN1Element> certificateElements = new ArrayList<>(3);
        certificateElements.add(new ASN1Sequence(tbsCertificateElements));
        if (signatureAlgorithmParameters == null) {
            certificateElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(signatureAlgorithmOID)));
        } else {
            certificateElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(signatureAlgorithmOID), signatureAlgorithmParameters));
        }
        certificateElements.add(signatureValue);
        return new ASN1Sequence(certificateElements);
    } catch (final Exception e) {
        Debug.debugException(e);
        throw new CertException(ERR_CERT_ENCODE_ERROR.get(toString(), StaticUtils.getExceptionMessage(e)), e);
    }
}
Also used : ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Element(com.unboundid.asn1.ASN1Element) ArrayList(java.util.ArrayList) ASN1BigInteger(com.unboundid.asn1.ASN1BigInteger) ASN1Integer(com.unboundid.asn1.ASN1Integer) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) ASN1BitString(com.unboundid.asn1.ASN1BitString) ASN1Exception(com.unboundid.asn1.ASN1Exception) CertificateException(java.security.cert.CertificateException) NotNull(com.unboundid.util.NotNull)

Example 74 with ASN1BitString

use of com.unboundid.asn1.ASN1BitString in project ldapsdk by pingidentity.

the class PKCS8PrivateKey method encode.

/**
 * Encodes this PKCS #8 private key to an ASN.1 element.
 *
 * @return  The encoded PKCS #8 private key.
 *
 * @throws  CertException  If a problem is encountered while trying to encode
 *                         the X.509 certificate.
 */
@NotNull()
ASN1Element encode() throws CertException {
    try {
        final ArrayList<ASN1Element> elements = new ArrayList<>(5);
        elements.add(new ASN1Integer(version.getIntValue()));
        if (privateKeyAlgorithmParameters == null) {
            elements.add(new ASN1Sequence(new ASN1ObjectIdentifier(privateKeyAlgorithmOID)));
        } else {
            elements.add(new ASN1Sequence(new ASN1ObjectIdentifier(privateKeyAlgorithmOID), privateKeyAlgorithmParameters));
        }
        elements.add(encodedPrivateKey);
        if (attributesElement != null) {
            elements.add(new ASN1Element(TYPE_ATTRIBUTES, attributesElement.getValue()));
        }
        if (publicKey != null) {
            elements.add(new ASN1BitString(TYPE_PUBLIC_KEY, publicKey.getBits()));
        }
        return new ASN1Sequence(elements);
    } catch (final Exception e) {
        Debug.debugException(e);
        throw new CertException(ERR_PRIVATE_KEY_ENCODE_ERROR.get(toString(), StaticUtils.getExceptionMessage(e)), e);
    }
}
Also used : ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Element(com.unboundid.asn1.ASN1Element) ArrayList(java.util.ArrayList) ASN1Integer(com.unboundid.asn1.ASN1Integer) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) ASN1BitString(com.unboundid.asn1.ASN1BitString) GeneralSecurityException(java.security.GeneralSecurityException) NotNull(com.unboundid.util.NotNull)

Example 75 with ASN1BitString

use of com.unboundid.asn1.ASN1BitString in project ldapsdk by pingidentity.

the class EllipticCurvePrivateKey method encode.

/**
 * Encodes this elliptic curve private key.
 *
 * @return  The encoded representation of this private key.
 *
 * @throws  CertException  If a problem is encountered while encoding this
 *                         private key.
 */
@NotNull()
ASN1OctetString encode() throws CertException {
    try {
        final ArrayList<ASN1Element> elements = new ArrayList<>(4);
        elements.add(new ASN1Integer(version));
        elements.add(new ASN1OctetString(privateKeyBytes));
        if (namedCurveOID != null) {
            elements.add(new ASN1ObjectIdentifier(TYPE_PARAMETERS, namedCurveOID));
        }
        if (publicKey != null) {
            elements.add(new ASN1BitString(TYPE_PUBLIC_KEY, publicKey.getBits()));
        }
        return new ASN1OctetString(new ASN1Sequence(elements).encode());
    } catch (final Exception e) {
        Debug.debugException(e);
        throw new CertException(ERR_EC_PRIVATE_KEY_CANNOT_ENCODE.get(toString(), StaticUtils.getExceptionMessage(e)), e);
    }
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Element(com.unboundid.asn1.ASN1Element) ArrayList(java.util.ArrayList) ASN1Integer(com.unboundid.asn1.ASN1Integer) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) ASN1BitString(com.unboundid.asn1.ASN1BitString) NotNull(com.unboundid.util.NotNull)

Aggregations

ASN1BitString (com.unboundid.asn1.ASN1BitString)72 Test (org.testng.annotations.Test)62 DN (com.unboundid.ldap.sdk.DN)49 ASN1Null (com.unboundid.asn1.ASN1Null)36 OID (com.unboundid.util.OID)33 ASN1ObjectIdentifier (com.unboundid.asn1.ASN1ObjectIdentifier)26 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)25 ASN1Sequence (com.unboundid.asn1.ASN1Sequence)24 ASN1Element (com.unboundid.asn1.ASN1Element)23 ASN1BigInteger (com.unboundid.asn1.ASN1BigInteger)22 ASN1Integer (com.unboundid.asn1.ASN1Integer)20 IOException (java.io.IOException)16 ASN1BitString (com.github.zhenwei.core.asn1.ASN1BitString)14 ASN1BitString (org.bouncycastle.asn1.ASN1BitString)11 BigInteger (java.math.BigInteger)10 ArrayList (java.util.ArrayList)10 ASN1GeneralizedTime (com.unboundid.asn1.ASN1GeneralizedTime)9 NotNull (com.unboundid.util.NotNull)9 Date (java.util.Date)8 KeyPair (java.security.KeyPair)7