Example 96 with AlgorithmIdentifier
use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.
the class PKCS10CertificationRequest method getPublicKey.
public PublicKey getPublicKey(String provider) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
SubjectPublicKeyInfo subjectPKInfo = reqInfo.getSubjectPublicKeyInfo();
try {
X509EncodedKeySpec xspec = new X509EncodedKeySpec(new DERBitString(subjectPKInfo).getBytes());
AlgorithmIdentifier keyAlg = subjectPKInfo.getAlgorithm();
try {
if (provider == null) {
return KeyFactory.getInstance(keyAlg.getAlgorithm().getId()).generatePublic(xspec);
} else {
return KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), provider).generatePublic(xspec);
}
} catch (NoSuchAlgorithmException e) {
//
if (keyAlgorithms.get(keyAlg.getObjectId()) != null) {
String keyAlgorithm = (String) keyAlgorithms.get(keyAlg.getObjectId());
if (provider == null) {
return KeyFactory.getInstance(keyAlgorithm).generatePublic(xspec);
} else {
return KeyFactory.getInstance(keyAlgorithm, provider).generatePublic(xspec);
}
}
throw e;
}
} catch (InvalidKeySpecException e) {
throw new InvalidKeyException("error decoding public key");
} catch (IOException e) {
throw new InvalidKeyException("error decoding public key");
}
}
Also used :
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
DERBitString(org.bouncycastle.asn1.DERBitString)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
DERBitString(org.bouncycastle.asn1.DERBitString)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
IOException(java.io.IOException)
InvalidKeyException(java.security.InvalidKeyException)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 97 with AlgorithmIdentifier
use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.
the class JcaContentVerifierProviderBuilder method build.
public ContentVerifierProvider build(final PublicKey publicKey) throws OperatorCreationException {
return new ContentVerifierProvider() {
public boolean hasAssociatedCertificate() {
return false;
}
public X509CertificateHolder getAssociatedCertificate() {
return null;
}
public ContentVerifier get(AlgorithmIdentifier algorithm) throws OperatorCreationException {
SignatureOutputStream stream = createSignatureStream(algorithm, publicKey);
Signature rawSig = createRawSig(algorithm, publicKey);
if (rawSig != null) {
return new RawSigVerifier(algorithm, stream, rawSig);
} else {
return new SigVerifier(algorithm, stream);
}
}
};
}
Also used :
Signature(java.security.Signature)
ContentVerifierProvider(org.bouncycastle.operator.ContentVerifierProvider)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 98 with AlgorithmIdentifier
use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.
the class JcaContentVerifierProviderBuilder method build.
public ContentVerifierProvider build(final X509Certificate certificate) throws OperatorCreationException {
final X509CertificateHolder certHolder;
try {
certHolder = new JcaX509CertificateHolder(certificate);
} catch (CertificateEncodingException e) {
throw new OperatorCreationException("cannot process certificate: " + e.getMessage(), e);
}
return new ContentVerifierProvider() {
private SignatureOutputStream stream;
public boolean hasAssociatedCertificate() {
return true;
}
public X509CertificateHolder getAssociatedCertificate() {
return certHolder;
}
public ContentVerifier get(AlgorithmIdentifier algorithm) throws OperatorCreationException {
try {
Signature sig = helper.createSignature(algorithm);
sig.initVerify(certificate.getPublicKey());
stream = new SignatureOutputStream(sig);
} catch (GeneralSecurityException e) {
throw new OperatorCreationException("exception on setup: " + e, e);
}
Signature rawSig = createRawSig(algorithm, certificate.getPublicKey());
if (rawSig != null) {
return new RawSigVerifier(algorithm, stream, rawSig);
} else {
return new SigVerifier(algorithm, stream);
}
}
};
}
Also used :
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)
Signature(java.security.Signature)
GeneralSecurityException(java.security.GeneralSecurityException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)
ContentVerifierProvider(org.bouncycastle.operator.ContentVerifierProvider)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 99 with AlgorithmIdentifier
use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.
the class SignerInfoGenerator method generate.
public SignerInfo generate(ASN1ObjectIdentifier contentType) throws CMSException {
try {
/* RFC 3852 5.4
* The result of the message digest calculation process depends on
* whether the signedAttrs field is present. When the field is absent,
* the result is just the message digest of the content as described
*
* above. When the field is present, however, the result is the message
* digest of the complete DER encoding of the SignedAttrs value
* contained in the signedAttrs field.
*/
ASN1Set signedAttr = null;
AlgorithmIdentifier digestAlg = null;
if (sAttrGen != null) {
digestAlg = digester.getAlgorithmIdentifier();
calculatedDigest = digester.getDigest();
Map parameters = getBaseParameters(contentType, digester.getAlgorithmIdentifier(), calculatedDigest);
AttributeTable signed = sAttrGen.getAttributes(Collections.unmodifiableMap(parameters));
signedAttr = getAttributeSet(signed);
// sig must be composed from the DER encoding.
OutputStream sOut = signer.getOutputStream();
sOut.write(signedAttr.getEncoded(ASN1Encoding.DER));
sOut.close();
} else {
if (digester != null) {
digestAlg = digester.getAlgorithmIdentifier();
calculatedDigest = digester.getDigest();
} else {
digestAlg = digAlgFinder.find(signer.getAlgorithmIdentifier());
calculatedDigest = null;
}
}
byte[] sigBytes = signer.getSignature();
ASN1Set unsignedAttr = null;
if (unsAttrGen != null) {
Map parameters = getBaseParameters(contentType, digestAlg, calculatedDigest);
parameters.put(CMSAttributeTableGenerator.SIGNATURE, sigBytes.clone());
AttributeTable unsigned = unsAttrGen.getAttributes(Collections.unmodifiableMap(parameters));
unsignedAttr = getAttributeSet(unsigned);
}
AlgorithmIdentifier digestEncryptionAlgorithm = sigEncAlgFinder.findEncryptionAlgorithm(signer.getAlgorithmIdentifier());
return new SignerInfo(signerIdentifier, digestAlg, signedAttr, digestEncryptionAlgorithm, new DEROctetString(sigBytes), unsignedAttr);
} catch (IOException e) {
throw new CMSException("encoding error.", e);
}
}
Also used :
SignerInfo(org.bouncycastle.asn1.cms.SignerInfo)
ASN1Set(org.bouncycastle.asn1.ASN1Set)
OutputStream(java.io.OutputStream)
TeeOutputStream(org.bouncycastle.util.io.TeeOutputStream)
AttributeTable(org.bouncycastle.asn1.cms.AttributeTable)
IOException(java.io.IOException)
HashMap(java.util.HashMap)
Map(java.util.Map)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 100 with AlgorithmIdentifier
use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.
the class JCEECPrivateKey method getEncoded.
/**
* Return a PKCS8 representation of the key. The sequence returned
* represents a full PrivateKeyInfo object.
*
* @return a PKCS8 representation of the key.
*/
public byte[] getEncoded() {
X962Parameters params;
if (ecSpec instanceof ECNamedCurveSpec) {
DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec) ecSpec).getName());
if (// guess it's the OID
curveOid == null) {
curveOid = new DERObjectIdentifier(((ECNamedCurveSpec) ecSpec).getName());
}
params = new X962Parameters(curveOid);
} else if (ecSpec == null) {
params = new X962Parameters(DERNull.INSTANCE);
} else {
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(curve, EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed());
params = new X962Parameters(ecP);
}
PrivateKeyInfo info;
ECPrivateKeyStructure keyStructure;
if (publicKey != null) {
keyStructure = new ECPrivateKeyStructure(this.getS(), publicKey, params);
} else {
keyStructure = new ECPrivateKeyStructure(this.getS(), params);
}
try {
// BEGIN android-removed
// if (algorithm.equals("ECGOST3410"))
// {
// info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
// }
// else
// END android-removed
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
}
return info.getEncoded(ASN1Encoding.DER);
} catch (IOException e) {
return null;
}
}
Also used :
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
ECCurve(org.bouncycastle.math.ec.ECCurve)
ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure)
IOException(java.io.IOException)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Aggregations
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)146
IOException (java.io.IOException)52
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)44
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)43
BigInteger (java.math.BigInteger)40
X500Name (org.bouncycastle.asn1.x500.X500Name)37
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35
X509Certificate (java.security.cert.X509Certificate)31
ContentSigner (org.bouncycastle.operator.ContentSigner)26
Date (java.util.Date)24
DEROctetString (org.bouncycastle.asn1.DEROctetString)23
BcRSAContentSignerBuilder (org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)23
KeyPair (java.security.KeyPair)20
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)20
DefaultDigestAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)20
DefaultSignatureAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)20
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)19
KeyPairGenerator (java.security.KeyPairGenerator)17
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)16
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)16
