Examples with AlgorithmIdentifier org.apache.harmony.security.x509.AlgorithmIdentifier used on opensource projects

Search in sources :

Example 21 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.

@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
    V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
    ASN1ObjectIdentifier sigAlgOid;
    AlgorithmIdentifier sigAlgId;
    byte[] signature;
    switch(mKeymasterAlgorithm) {
        case KeymasterDefs.KM_ALGORITHM_EC:
            sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid);
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new DERInteger(0));
            v.add(new DERInteger(0));
            signature = new DERSequence().getEncoded();
            break;
        case KeymasterDefs.KM_ALGORITHM_RSA:
            sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
            signature = new byte[1];
            break;
        default:
            throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
    }
    try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
        tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
    }
    tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
    X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
    tbsGenerator.setSubject(subject);
    tbsGenerator.setIssuer(subject);
    tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
    tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
    tbsGenerator.setSignature(sigAlgId);
    TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
    ASN1EncodableVector result = new ASN1EncodableVector();
    result.add(tbsCertificate);
    result.add(sigAlgId);
    result.add(new DERBitString(signature));
    return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ProviderException(java.security.ProviderException) Time(com.android.org.bouncycastle.asn1.x509.Time) DERBitString(com.android.org.bouncycastle.asn1.DERBitString) ASN1Integer(com.android.org.bouncycastle.asn1.ASN1Integer) AlgorithmIdentifier(com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERInteger(com.android.org.bouncycastle.asn1.DERInteger) DERSequence(com.android.org.bouncycastle.asn1.DERSequence) X509CertificateObject(com.android.org.bouncycastle.jce.provider.X509CertificateObject) X509Principal(com.android.org.bouncycastle.jce.X509Principal) ASN1EncodableVector(com.android.org.bouncycastle.asn1.ASN1EncodableVector) V3TBSCertificateGenerator(com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator) TBSCertificate(com.android.org.bouncycastle.asn1.x509.TBSCertificate) ASN1ObjectIdentifier(com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 22 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project android_frameworks_base by crdroidandroid.

the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.

@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
    V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
    ASN1ObjectIdentifier sigAlgOid;
    AlgorithmIdentifier sigAlgId;
    byte[] signature;
    switch(mKeymasterAlgorithm) {
        case KeymasterDefs.KM_ALGORITHM_EC:
            sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid);
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new DERInteger(0));
            v.add(new DERInteger(0));
            signature = new DERSequence().getEncoded();
            break;
        case KeymasterDefs.KM_ALGORITHM_RSA:
            sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
            signature = new byte[1];
            break;
        default:
            throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
    }
    try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
        tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
    }
    tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
    X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
    tbsGenerator.setSubject(subject);
    tbsGenerator.setIssuer(subject);
    tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
    tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
    tbsGenerator.setSignature(sigAlgId);
    TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
    ASN1EncodableVector result = new ASN1EncodableVector();
    result.add(tbsCertificate);
    result.add(sigAlgId);
    result.add(new DERBitString(signature));
    return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ProviderException(java.security.ProviderException) Time(com.android.org.bouncycastle.asn1.x509.Time) DERBitString(com.android.org.bouncycastle.asn1.DERBitString) ASN1Integer(com.android.org.bouncycastle.asn1.ASN1Integer) AlgorithmIdentifier(com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERInteger(com.android.org.bouncycastle.asn1.DERInteger) DERSequence(com.android.org.bouncycastle.asn1.DERSequence) X509CertificateObject(com.android.org.bouncycastle.jce.provider.X509CertificateObject) X509Principal(com.android.org.bouncycastle.jce.X509Principal) ASN1EncodableVector(com.android.org.bouncycastle.asn1.ASN1EncodableVector) V3TBSCertificateGenerator(com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator) TBSCertificate(com.android.org.bouncycastle.asn1.x509.TBSCertificate) ASN1ObjectIdentifier(com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 23 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project OpenAttestation by OpenAttestation.

the class X509AttrBuilder method build.

public byte[] build() {
    if (notBefore == null || notAfter == null) {
        // 1 day default
        expires(1, TimeUnit.DAYS);
    }
    if (serialNumber == null) {
        dateSerial();
    }
    if (subjectName == null) {
        fault("Subject name is missing");
    }
    if (issuerName == null) {
        fault("Issuer name is missing");
    }
    if (issuerPrivateKey == null) {
        fault("Issuer private key is missing");
    }
    if (attributes.isEmpty()) {
        fault("No attributes selected");
    }
    try {
        if (getFaults().isEmpty()) {
            AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
            AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
            ContentSigner authority = null;
            if (issuerPrivateKey != null)
                // create a bouncy castle content signer convert using our existing private key
                authority = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(PrivateKeyFactory.createKey(issuerPrivateKey.getEncoded()));
            // second, prepare the attribute certificate
            // which is expected to be a UUID  like this: 33766a63-5c55-4461-8a84-5936577df450
            AttributeCertificateHolder holder = new AttributeCertificateHolder(subjectName);
            AttributeCertificateIssuer issuer = new AttributeCertificateIssuer(issuerName);
            X509v2AttributeCertificateBuilder builder = new X509v2AttributeCertificateBuilder(holder, issuer, serialNumber, notBefore, notAfter);
            for (Attribute attribute : attributes) {
                builder.addAttribute(attribute.oid, attribute.value);
            }
            // fourth, sign the attribute certificate
            if (authority != null) {
                X509AttributeCertificateHolder cert;
                cert = builder.build(authority);
                //X509AttributeCertificate.valueOf(cert.getEncoded());            
                return cert.getEncoded();
            }
        }
        return null;
    } catch (IOException | OperatorCreationException e) {
        fault(e, "cannot sign certificate");
        return null;
    } finally {
        done();
    }
}
Also used : X509v2AttributeCertificateBuilder(org.bouncycastle.cert.X509v2AttributeCertificateBuilder) AttributeCertificateIssuer(org.bouncycastle.cert.AttributeCertificateIssuer) X509AttributeCertificateHolder(org.bouncycastle.cert.X509AttributeCertificateHolder) AttributeCertificateHolder(org.bouncycastle.cert.AttributeCertificateHolder) ContentSigner(org.bouncycastle.operator.ContentSigner) X509AttributeCertificateHolder(org.bouncycastle.cert.X509AttributeCertificateHolder) IOException(java.io.IOException) DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder) BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)

Example 24 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project platformlayer by platformlayer.

the class Csr method buildCsr.

public static Csr buildCsr(KeyPair keyPair, X500Principal subjectName) {
    X500Name subject = BouncyCastleHelpers.toX500Name(subjectName);
    SubjectPublicKeyInfo publicKeyInfo = BouncyCastleHelpers.toSubjectPublicKeyInfo(keyPair.getPublic());
    PKCS10CertificationRequestBuilder csrBuilder = new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);
    AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
    AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
    BcRSAContentSignerBuilder sigBuild = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
    ContentSigner signer;
    try {
        signer = sigBuild.build(BouncyCastleHelpers.toAsymmetricKeyParameter(keyPair.getPrivate()));
    } catch (OperatorCreationException e) {
        throw new IllegalArgumentException("Error building content signer", e);
    }
    PKCS10CertificationRequest csrHolder = csrBuilder.build(signer);
    return new Csr(csrHolder);
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder) X500Name(org.bouncycastle.asn1.x500.X500Name) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)

Example 25 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class JcaContentVerifierProviderBuilder method build.

public ContentVerifierProvider build(final PublicKey publicKey) throws OperatorCreationException {
    return new ContentVerifierProvider() {

        public boolean hasAssociatedCertificate() {
            return false;
        }

        public X509CertificateHolder getAssociatedCertificate() {
            return null;
        }

        public ContentVerifier get(AlgorithmIdentifier algorithm) throws OperatorCreationException {
            SignatureOutputStream stream = createSignatureStream(algorithm, publicKey);
            Signature rawSig = createRawSig(algorithm, publicKey);
            if (rawSig != null) {
                return new RawSigVerifier(algorithm, stream, rawSig);
            } else {
                return new SigVerifier(algorithm, stream);
            }
        }
    };
}
Also used : Signature(java.security.Signature) ContentVerifierProvider(org.bouncycastle.operator.ContentVerifierProvider) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Aggregations

AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)31 IOException (java.io.IOException)16 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)11 DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)11 X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)10 X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)10 BigInteger (java.math.BigInteger)9 X509Certificate (java.security.cert.X509Certificate)8 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)8 SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)8 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)7 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)6 ECNamedCurveSpec (org.bouncycastle.jce.spec.ECNamedCurveSpec)6 ECCurve (org.bouncycastle.math.ec.ECCurve)6 OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)6 ASN1EncodableVector (com.android.org.bouncycastle.asn1.ASN1EncodableVector)5 ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)5 ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer)5 ASN1ObjectIdentifier (com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial