Search in sources :

Example 1 with ASN1ObjectIdentifier

use of com.unboundid.asn1.ASN1ObjectIdentifier in project X-Road by nordic-institute.

the class AbstractTimestampRequest method createTimestampRequest.

private TimeStampRequest createTimestampRequest(byte[] data) throws Exception {
    TimeStampRequestGenerator reqgen = new TimeStampRequestGenerator();
    String tsaHashAlg = MessageLogProperties.getHashAlg();
    log.trace("Creating time-stamp request (algorithm: {})", tsaHashAlg);
    byte[] digest = calculateDigest(tsaHashAlg, data);
    ASN1ObjectIdentifier algorithm = getAlgorithmIdentifier(tsaHashAlg).getAlgorithm();
    return reqgen.generate(algorithm, digest);
}
Also used : TimeStampRequestGenerator(org.bouncycastle.tsp.TimeStampRequestGenerator) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 2 with ASN1ObjectIdentifier

use of com.unboundid.asn1.ASN1ObjectIdentifier in project bitcoinj by bitcoinj.

the class X509Utils method getDisplayNameFromCertificate.

/**
 * Returns either a string that "sums up" the certificate for humans, in a similar manner to what you might see
 * in a web browser, or null if one cannot be extracted. This will typically be the common name (CN) field, but
 * can also be the org (O) field, org+location+country if withLocation is set, or the email
 * address for S/MIME certificates.
 */
@Nullable
public static String getDisplayNameFromCertificate(@Nonnull X509Certificate certificate, boolean withLocation) throws CertificateParsingException {
    X500Name name = new X500Name(certificate.getSubjectX500Principal().getName());
    String commonName = null, org = null, location = null, country = null;
    for (RDN rdn : name.getRDNs()) {
        AttributeTypeAndValue pair = rdn.getFirst();
        String val = ((ASN1String) pair.getValue()).getString();
        ASN1ObjectIdentifier type = pair.getType();
        if (type.equals(RFC4519Style.cn))
            commonName = val;
        else if (type.equals(RFC4519Style.o))
            org = val;
        else if (type.equals(RFC4519Style.l))
            location = val;
        else if (type.equals(RFC4519Style.c))
            country = val;
    }
    final Collection<List<?>> subjectAlternativeNames = certificate.getSubjectAlternativeNames();
    String altName = null;
    if (subjectAlternativeNames != null)
        for (final List<?> subjectAlternativeName : subjectAlternativeNames) if (// rfc822name
        (Integer) subjectAlternativeName.get(0) == 1)
            altName = (String) subjectAlternativeName.get(1);
    if (org != null) {
        return withLocation ? Joiner.on(", ").skipNulls().join(org, location, country) : org;
    } else if (commonName != null) {
        return commonName;
    } else {
        return altName;
    }
}
Also used : List(java.util.List) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1String(org.bouncycastle.asn1.ASN1String) ASN1String(org.bouncycastle.asn1.ASN1String) RDN(org.bouncycastle.asn1.x500.RDN) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) Nullable(javax.annotation.Nullable)

Example 3 with ASN1ObjectIdentifier

use of com.unboundid.asn1.ASN1ObjectIdentifier in project xwiki-commons by xwiki.

the class BcPKCS5S2KeyDerivationFunctionFactory method toDigestHint.

private String toDigestHint(AlgorithmIdentifier algorithmIdentifier) {
    if (algorithmIdentifier == null) {
        return null;
    }
    ASN1ObjectIdentifier algId = algorithmIdentifier.getAlgorithm();
    String hint = null;
    if (algId.equals(HMAC_SHA1.getAlgorithm())) {
        hint = X509ObjectIdentifiers.id_SHA1.getId();
    } else if (algId.equals(HMAC_SHA224.getAlgorithm())) {
        hint = NISTObjectIdentifiers.id_sha224.getId();
    } else if (algId.equals(HMAC_SHA256.getAlgorithm())) {
        hint = NISTObjectIdentifiers.id_sha256.getId();
    } else if (algId.equals(HMAC_SHA384.getAlgorithm())) {
        hint = NISTObjectIdentifiers.id_sha384.getId();
    } else if (algId.equals(HMAC_SHA512.getAlgorithm())) {
        hint = NISTObjectIdentifiers.id_sha512.getId();
    }
    if (hint == null) {
        throw new IllegalArgumentException("Digest hint not found for HMac algorithm: " + algId.getId());
    }
    return hint;
}
Also used : ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 4 with ASN1ObjectIdentifier

use of com.unboundid.asn1.ASN1ObjectIdentifier in project opb-sdk-java by bianjieai.

the class BCECUtils method getDomainParametersFromName.

/**
 * copy from BC
 *
 * @param ecSpec
 * @param withCompression
 * @return
 */
public static X962Parameters getDomainParametersFromName(java.security.spec.ECParameterSpec ecSpec, boolean withCompression) {
    X962Parameters params;
    if (ecSpec instanceof ECNamedCurveSpec) {
        ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec) ecSpec).getName());
        if (curveOid == null) {
            curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec) ecSpec).getName());
        }
        params = new X962Parameters(curveOid);
    } else if (ecSpec == null) {
        params = new X962Parameters(DERNull.INSTANCE);
    } else {
        ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
        X9ECParameters ecP = new X9ECParameters(curve, new X9ECPoint(EC5Util.convertPoint(curve, ecSpec.getGenerator()), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed());
        // // 如果是1.62或更低版本的bcprov-jdk15on应该使用以下这段代码,因为高版本的EC5Util.convertPoint没有向下兼容
        /*
            X9ECParameters ecP = new X9ECParameters(
                curve,
                EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
                ecSpec.getOrder(),
                BigInteger.valueOf(ecSpec.getCofactor()),
                ecSpec.getCurve().getSeed());
            */
        params = new X962Parameters(ecP);
    }
    return params;
}
Also used : X962Parameters(org.bouncycastle.asn1.x9.X962Parameters) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint) ECCurve(org.bouncycastle.math.ec.ECCurve) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)

Example 5 with ASN1ObjectIdentifier

use of com.unboundid.asn1.ASN1ObjectIdentifier in project pulsar by apache.

the class MessageCryptoBc method loadPublicKey.

private PublicKey loadPublicKey(byte[] keyBytes) throws Exception {
    Reader keyReader = new StringReader(new String(keyBytes));
    PublicKey publicKey = null;
    try (PEMParser pemReader = new PEMParser(keyReader)) {
        Object pemObj = pemReader.readObject();
        JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
        SubjectPublicKeyInfo keyInfo = null;
        X9ECParameters ecParam = null;
        if (pemObj instanceof ASN1ObjectIdentifier) {
            // make sure this is EC Parameter we're handling. In which case
            // we'll store it and read the next object which should be our
            // EC Public Key
            ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier) pemObj;
            ecParam = ECNamedCurveTable.getByOID(ecOID);
            if (ecParam == null) {
                throw new PEMException("Unable to find EC Parameter for the given curve oid: " + ((ASN1ObjectIdentifier) pemObj).getId());
            }
            pemObj = pemReader.readObject();
        } else if (pemObj instanceof X9ECParameters) {
            ecParam = (X9ECParameters) pemObj;
            pemObj = pemReader.readObject();
        }
        if (pemObj instanceof X509CertificateHolder) {
            keyInfo = ((X509CertificateHolder) pemObj).getSubjectPublicKeyInfo();
        } else {
            keyInfo = (SubjectPublicKeyInfo) pemObj;
        }
        publicKey = pemConverter.getPublicKey(keyInfo);
        if (ecParam != null && ECDSA.equals(publicKey.getAlgorithm())) {
            ECParameterSpec ecSpec = new ECParameterSpec(ecParam.getCurve(), ecParam.getG(), ecParam.getN(), ecParam.getH(), ecParam.getSeed());
            KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BouncyCastleProvider.PROVIDER_NAME);
            ECPublicKeySpec keySpec = new ECPublicKeySpec(((BCECPublicKey) publicKey).getQ(), ecSpec);
            publicKey = keyFactory.generatePublic(keySpec);
        }
    } catch (IOException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
        throw new Exception(e);
    }
    return publicKey;
}
Also used : BCECPublicKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey) PublicKey(java.security.PublicKey) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) Reader(java.io.Reader) CryptoKeyReader(org.apache.pulsar.client.api.CryptoKeyReader) StringReader(java.io.StringReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) ECPublicKeySpec(org.bouncycastle.jce.spec.ECPublicKeySpec) PulsarClientException(org.apache.pulsar.client.api.PulsarClientException) ShortBufferException(javax.crypto.ShortBufferException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) CryptoException(org.apache.pulsar.client.api.PulsarClientException.CryptoException) PEMException(org.bouncycastle.openssl.PEMException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) NoSuchProviderException(java.security.NoSuchProviderException) PEMParser(org.bouncycastle.openssl.PEMParser) ECParameterSpec(org.bouncycastle.jce.spec.ECParameterSpec) PEMException(org.bouncycastle.openssl.PEMException) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) StringReader(java.io.StringReader) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchProviderException(java.security.NoSuchProviderException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) KeyFactory(java.security.KeyFactory)

Aggregations

ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)545 IOException (java.io.IOException)155 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)126 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)87 DEROctetString (org.bouncycastle.asn1.DEROctetString)87 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)71 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)71 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)70 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)69 Enumeration (java.util.Enumeration)65 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)64 BigInteger (java.math.BigInteger)60 DERSequence (org.bouncycastle.asn1.DERSequence)60 ArrayList (java.util.ArrayList)55 HashSet (java.util.HashSet)52 DERIA5String (org.bouncycastle.asn1.DERIA5String)52 X500Name (org.bouncycastle.asn1.x500.X500Name)52 X509Certificate (java.security.cert.X509Certificate)49 Extension (org.bouncycastle.asn1.x509.Extension)46 ASN1String (org.bouncycastle.asn1.ASN1String)43