Examples with AlgorithmIdentifier org.apache.harmony.security.x509.AlgorithmIdentifier used on opensource projects

Search in sources :

Example 6 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class SubjectPublicKeyInfoTest method test_getPublicKey_Unknown_OID.

public void test_getPublicKey_Unknown_OID() throws Exception {
    AlgorithmIdentifier algid = new AlgorithmIdentifier("1.30.9999999999.8734878");
    SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo(algid, ENCODED_BROKEN);
    PublicKey pubKey = spki.getPublicKey();
    assertNotNull(pubKey);
    assertEquals(X509PublicKey.class, pubKey.getClass());
}
Also used : X509PublicKey(org.apache.harmony.security.x509.X509PublicKey) PublicKey(java.security.PublicKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) SubjectPublicKeyInfo(org.apache.harmony.security.x509.SubjectPublicKeyInfo) AlgorithmIdentifier(org.apache.harmony.security.x509.AlgorithmIdentifier)

Example 7 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class SignerInformation method doVerify.

private boolean doVerify(SignerInformationVerifier verifier) throws CMSException {
    String encName = CMSSignedHelper.INSTANCE.getEncryptionAlgName(this.getEncryptionAlgOID());
    ContentVerifier contentVerifier;
    try {
        contentVerifier = verifier.getContentVerifier(encryptionAlgorithm, info.getDigestAlgorithm());
    } catch (OperatorCreationException e) {
        throw new CMSException("can't create content verifier: " + e.getMessage(), e);
    }
    try {
        OutputStream sigOut = contentVerifier.getOutputStream();
        if (resultDigest == null) {
            DigestCalculator calc = verifier.getDigestCalculator(this.getDigestAlgorithmID());
            if (content != null) {
                OutputStream digOut = calc.getOutputStream();
                if (signedAttributeSet == null) {
                    if (contentVerifier instanceof RawContentVerifier) {
                        content.write(digOut);
                    } else {
                        OutputStream cOut = new TeeOutputStream(digOut, sigOut);
                        content.write(cOut);
                        cOut.close();
                    }
                } else {
                    content.write(digOut);
                    sigOut.write(this.getEncodedSignedAttributes());
                }
                digOut.close();
            } else if (signedAttributeSet != null) {
                sigOut.write(this.getEncodedSignedAttributes());
            } else {
                // TODO Get rid of this exception and just treat content==null as empty not missing?
                throw new CMSException("data not encapsulated in signature - use detached constructor.");
            }
            resultDigest = calc.getDigest();
        } else {
            if (signedAttributeSet == null) {
                if (content != null) {
                    content.write(sigOut);
                }
            } else {
                sigOut.write(this.getEncodedSignedAttributes());
            }
        }
        sigOut.close();
    } catch (IOException e) {
        throw new CMSException("can't process mime object to create signature.", e);
    } catch (OperatorCreationException e) {
        throw new CMSException("can't create digest calculator: " + e.getMessage(), e);
    }
    // RFC 3852 11.1 Check the content-type attribute is correct
    {
        ASN1Primitive validContentType = getSingleValuedSignedAttribute(CMSAttributes.contentType, "content-type");
        if (validContentType == null) {
            if (!isCounterSignature && signedAttributeSet != null) {
                throw new CMSException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data");
            }
        } else {
            if (isCounterSignature) {
                throw new CMSException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute");
            }
            if (!(validContentType instanceof ASN1ObjectIdentifier)) {
                throw new CMSException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'");
            }
            ASN1ObjectIdentifier signedContentType = (ASN1ObjectIdentifier) validContentType;
            if (!signedContentType.equals(contentType)) {
                throw new CMSException("content-type attribute value does not match eContentType");
            }
        }
    }
    // RFC 3852 11.2 Check the message-digest attribute is correct
    {
        ASN1Primitive validMessageDigest = getSingleValuedSignedAttribute(CMSAttributes.messageDigest, "message-digest");
        if (validMessageDigest == null) {
            if (signedAttributeSet != null) {
                throw new CMSException("the message-digest signed attribute type MUST be present when there are any signed attributes present");
            }
        } else {
            if (!(validMessageDigest instanceof ASN1OctetString)) {
                throw new CMSException("message-digest attribute value not of ASN.1 type 'OCTET STRING'");
            }
            ASN1OctetString signedMessageDigest = (ASN1OctetString) validMessageDigest;
            if (!Arrays.constantTimeAreEqual(resultDigest, signedMessageDigest.getOctets())) {
                throw new CMSSignerDigestMismatchException("message-digest attribute value does not match calculated value");
            }
        }
    }
    // RFC 3852 11.4 Validate countersignature attribute(s)
    {
        AttributeTable signedAttrTable = this.getSignedAttributes();
        if (signedAttrTable != null && signedAttrTable.getAll(CMSAttributes.counterSignature).size() > 0) {
            throw new CMSException("A countersignature attribute MUST NOT be a signed attribute");
        }
        AttributeTable unsignedAttrTable = this.getUnsignedAttributes();
        if (unsignedAttrTable != null) {
            ASN1EncodableVector csAttrs = unsignedAttrTable.getAll(CMSAttributes.counterSignature);
            for (int i = 0; i < csAttrs.size(); ++i) {
                Attribute csAttr = (Attribute) csAttrs.get(i);
                if (csAttr.getAttrValues().size() < 1) {
                    throw new CMSException("A countersignature attribute MUST contain at least one AttributeValue");
                }
            // Note: We don't recursively validate the countersignature value
            }
        }
    }
    try {
        if (signedAttributeSet == null && resultDigest != null) {
            if (contentVerifier instanceof RawContentVerifier) {
                RawContentVerifier rawVerifier = (RawContentVerifier) contentVerifier;
                if (encName.equals("RSA")) {
                    DigestInfo digInfo = new DigestInfo(new AlgorithmIdentifier(digestAlgorithm.getAlgorithm(), DERNull.INSTANCE), resultDigest);
                    return rawVerifier.verify(digInfo.getEncoded(ASN1Encoding.DER), this.getSignature());
                }
                return rawVerifier.verify(resultDigest, this.getSignature());
            }
        }
        return contentVerifier.verify(this.getSignature());
    } catch (IOException e) {
        throw new CMSException("can't process mime object to create signature.", e);
    }
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) TeeOutputStream(org.bouncycastle.util.io.TeeOutputStream) Attribute(org.bouncycastle.asn1.cms.Attribute) ContentVerifier(org.bouncycastle.operator.ContentVerifier) RawContentVerifier(org.bouncycastle.operator.RawContentVerifier) OutputStream(java.io.OutputStream) TeeOutputStream(org.bouncycastle.util.io.TeeOutputStream) DigestCalculator(org.bouncycastle.operator.DigestCalculator) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) RawContentVerifier(org.bouncycastle.operator.RawContentVerifier) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) IOException(java.io.IOException) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DigestInfo(org.bouncycastle.asn1.x509.DigestInfo) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 8 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class DefaultSignatureAlgorithmIdentifierFinder method generate.

private static AlgorithmIdentifier generate(String signatureAlgorithm) {
    AlgorithmIdentifier sigAlgId;
    AlgorithmIdentifier encAlgId;
    AlgorithmIdentifier digAlgId;
    String algorithmName = Strings.toUpperCase(signatureAlgorithm);
    ASN1ObjectIdentifier sigOID = (ASN1ObjectIdentifier) algorithms.get(algorithmName);
    if (sigOID == null) {
        throw new IllegalArgumentException("Unknown signature type requested: " + algorithmName);
    }
    if (noParams.contains(sigOID)) {
        sigAlgId = new AlgorithmIdentifier(sigOID);
    } else if (params.containsKey(algorithmName)) {
        sigAlgId = new AlgorithmIdentifier(sigOID, (ASN1Encodable) params.get(algorithmName));
    } else {
        sigAlgId = new AlgorithmIdentifier(sigOID, DERNull.INSTANCE);
    }
    if (pkcs15RsaEncryption.contains(sigOID)) {
        encAlgId = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
    } else {
        encAlgId = sigAlgId;
    }
    if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) {
        digAlgId = ((RSASSAPSSparams) sigAlgId.getParameters()).getHashAlgorithm();
    } else {
        digAlgId = new AlgorithmIdentifier((ASN1ObjectIdentifier) digestOids.get(sigOID), DERNull.INSTANCE);
    }
    return sigAlgId;
}
Also used : ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 9 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class BcDefaultDigestProvider method createTable.

private static Map createTable() {
    Map table = new HashMap();
    table.put(OIWObjectIdentifiers.idSHA1, new BcDigestProvider() {

        public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) {
            return new SHA1Digest();
        }
    });
    // BEGIN android-removed
    // table.put(NISTObjectIdentifiers.id_sha224, new BcDigestProvider()
    // {
    //     public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
    //     {
    //         return new SHA224Digest();
    //     }
    // });
    // END android-removed
    table.put(NISTObjectIdentifiers.id_sha256, new BcDigestProvider() {

        public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) {
            return new SHA256Digest();
        }
    });
    table.put(NISTObjectIdentifiers.id_sha384, new BcDigestProvider() {

        public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) {
            return new SHA384Digest();
        }
    });
    table.put(NISTObjectIdentifiers.id_sha512, new BcDigestProvider() {

        public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) {
            return new SHA512Digest();
        }
    });
    table.put(PKCSObjectIdentifiers.md5, new BcDigestProvider() {

        public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) {
            return new MD5Digest();
        }
    });
    return Collections.unmodifiableMap(table);
}
Also used : ExtendedDigest(org.bouncycastle.crypto.ExtendedDigest) SHA512Digest(org.bouncycastle.crypto.digests.SHA512Digest) MD5Digest(org.bouncycastle.crypto.digests.MD5Digest) HashMap(java.util.HashMap) SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest) SHA1Digest(org.bouncycastle.crypto.digests.SHA1Digest) HashMap(java.util.HashMap) Map(java.util.Map) SHA384Digest(org.bouncycastle.crypto.digests.SHA384Digest) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 10 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class JcaDigestCalculatorProviderBuilder method build.

public DigestCalculatorProvider build() throws OperatorCreationException {
    return new DigestCalculatorProvider() {

        public DigestCalculator get(final AlgorithmIdentifier algorithm) throws OperatorCreationException {
            final DigestOutputStream stream;
            try {
                MessageDigest dig = helper.createDigest(algorithm);
                stream = new DigestOutputStream(dig);
            } catch (GeneralSecurityException e) {
                throw new OperatorCreationException("exception on setup: " + e, e);
            }
            return new DigestCalculator() {

                public AlgorithmIdentifier getAlgorithmIdentifier() {
                    return algorithm;
                }

                public OutputStream getOutputStream() {
                    return stream;
                }

                public byte[] getDigest() {
                    return stream.getDigest();
                }
            };
        }
    };
}
Also used : DigestCalculatorProvider(org.bouncycastle.operator.DigestCalculatorProvider) GeneralSecurityException(java.security.GeneralSecurityException) DigestCalculator(org.bouncycastle.operator.DigestCalculator) MessageDigest(java.security.MessageDigest) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Aggregations

AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)31 IOException (java.io.IOException)16 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)11 DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)11 X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)10 X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)10 BigInteger (java.math.BigInteger)9 X509Certificate (java.security.cert.X509Certificate)8 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)8 SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)8 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)7 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)6 ECNamedCurveSpec (org.bouncycastle.jce.spec.ECNamedCurveSpec)6 ECCurve (org.bouncycastle.math.ec.ECCurve)6 OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)6 ASN1EncodableVector (com.android.org.bouncycastle.asn1.ASN1EncodableVector)5 ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)5 ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer)5 ASN1ObjectIdentifier (com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial