Search in sources :

Example 36 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class PKCS10CertificationRequest method getPublicKey.

public PublicKey getPublicKey(String provider) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
    SubjectPublicKeyInfo subjectPKInfo = reqInfo.getSubjectPublicKeyInfo();
    try {
        X509EncodedKeySpec xspec = new X509EncodedKeySpec(new DERBitString(subjectPKInfo).getBytes());
        AlgorithmIdentifier keyAlg = subjectPKInfo.getAlgorithm();
        try {
            if (provider == null) {
                return KeyFactory.getInstance(keyAlg.getAlgorithm().getId()).generatePublic(xspec);
            } else {
                return KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), provider).generatePublic(xspec);
            }
        } catch (NoSuchAlgorithmException e) {
            //
            if (keyAlgorithms.get(keyAlg.getObjectId()) != null) {
                String keyAlgorithm = (String) keyAlgorithms.get(keyAlg.getObjectId());
                if (provider == null) {
                    return KeyFactory.getInstance(keyAlgorithm).generatePublic(xspec);
                } else {
                    return KeyFactory.getInstance(keyAlgorithm, provider).generatePublic(xspec);
                }
            }
            throw e;
        }
    } catch (InvalidKeySpecException e) {
        throw new InvalidKeyException("error decoding public key");
    } catch (IOException e) {
        throw new InvalidKeyException("error decoding public key");
    }
}
Also used : X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) DERBitString(org.bouncycastle.asn1.DERBitString) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) DERBitString(org.bouncycastle.asn1.DERBitString) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 37 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class JcaContentVerifierProviderBuilder method build.

public ContentVerifierProvider build(final PublicKey publicKey) throws OperatorCreationException {
    return new ContentVerifierProvider() {

        public boolean hasAssociatedCertificate() {
            return false;
        }

        public X509CertificateHolder getAssociatedCertificate() {
            return null;
        }

        public ContentVerifier get(AlgorithmIdentifier algorithm) throws OperatorCreationException {
            SignatureOutputStream stream = createSignatureStream(algorithm, publicKey);
            Signature rawSig = createRawSig(algorithm, publicKey);
            if (rawSig != null) {
                return new RawSigVerifier(algorithm, stream, rawSig);
            } else {
                return new SigVerifier(algorithm, stream);
            }
        }
    };
}
Also used : Signature(java.security.Signature) ContentVerifierProvider(org.bouncycastle.operator.ContentVerifierProvider) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 38 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class JcaContentVerifierProviderBuilder method build.

public ContentVerifierProvider build(final X509Certificate certificate) throws OperatorCreationException {
    final X509CertificateHolder certHolder;
    try {
        certHolder = new JcaX509CertificateHolder(certificate);
    } catch (CertificateEncodingException e) {
        throw new OperatorCreationException("cannot process certificate: " + e.getMessage(), e);
    }
    return new ContentVerifierProvider() {

        private SignatureOutputStream stream;

        public boolean hasAssociatedCertificate() {
            return true;
        }

        public X509CertificateHolder getAssociatedCertificate() {
            return certHolder;
        }

        public ContentVerifier get(AlgorithmIdentifier algorithm) throws OperatorCreationException {
            try {
                Signature sig = helper.createSignature(algorithm);
                sig.initVerify(certificate.getPublicKey());
                stream = new SignatureOutputStream(sig);
            } catch (GeneralSecurityException e) {
                throw new OperatorCreationException("exception on setup: " + e, e);
            }
            Signature rawSig = createRawSig(algorithm, certificate.getPublicKey());
            if (rawSig != null) {
                return new RawSigVerifier(algorithm, stream, rawSig);
            } else {
                return new SigVerifier(algorithm, stream);
            }
        }
    };
}
Also used : X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) Signature(java.security.Signature) GeneralSecurityException(java.security.GeneralSecurityException) CertificateEncodingException(java.security.cert.CertificateEncodingException) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) ContentVerifierProvider(org.bouncycastle.operator.ContentVerifierProvider) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 39 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class SignerInfoGenerator method generate.

public SignerInfo generate(ASN1ObjectIdentifier contentType) throws CMSException {
    try {
        /* RFC 3852 5.4
             * The result of the message digest calculation process depends on
             * whether the signedAttrs field is present.  When the field is absent,
             * the result is just the message digest of the content as described
             *
             * above.  When the field is present, however, the result is the message
             * digest of the complete DER encoding of the SignedAttrs value
             * contained in the signedAttrs field.
             */
        ASN1Set signedAttr = null;
        AlgorithmIdentifier digestAlg = null;
        if (sAttrGen != null) {
            digestAlg = digester.getAlgorithmIdentifier();
            calculatedDigest = digester.getDigest();
            Map parameters = getBaseParameters(contentType, digester.getAlgorithmIdentifier(), calculatedDigest);
            AttributeTable signed = sAttrGen.getAttributes(Collections.unmodifiableMap(parameters));
            signedAttr = getAttributeSet(signed);
            // sig must be composed from the DER encoding.
            OutputStream sOut = signer.getOutputStream();
            sOut.write(signedAttr.getEncoded(ASN1Encoding.DER));
            sOut.close();
        } else {
            if (digester != null) {
                digestAlg = digester.getAlgorithmIdentifier();
                calculatedDigest = digester.getDigest();
            } else {
                digestAlg = digAlgFinder.find(signer.getAlgorithmIdentifier());
                calculatedDigest = null;
            }
        }
        byte[] sigBytes = signer.getSignature();
        ASN1Set unsignedAttr = null;
        if (unsAttrGen != null) {
            Map parameters = getBaseParameters(contentType, digestAlg, calculatedDigest);
            parameters.put(CMSAttributeTableGenerator.SIGNATURE, sigBytes.clone());
            AttributeTable unsigned = unsAttrGen.getAttributes(Collections.unmodifiableMap(parameters));
            unsignedAttr = getAttributeSet(unsigned);
        }
        AlgorithmIdentifier digestEncryptionAlgorithm = sigEncAlgFinder.findEncryptionAlgorithm(signer.getAlgorithmIdentifier());
        return new SignerInfo(signerIdentifier, digestAlg, signedAttr, digestEncryptionAlgorithm, new DEROctetString(sigBytes), unsignedAttr);
    } catch (IOException e) {
        throw new CMSException("encoding error.", e);
    }
}
Also used : SignerInfo(org.bouncycastle.asn1.cms.SignerInfo) ASN1Set(org.bouncycastle.asn1.ASN1Set) OutputStream(java.io.OutputStream) TeeOutputStream(org.bouncycastle.util.io.TeeOutputStream) AttributeTable(org.bouncycastle.asn1.cms.AttributeTable) IOException(java.io.IOException) HashMap(java.util.HashMap) Map(java.util.Map) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 40 with AlgorithmIdentifier

use of org.apache.harmony.security.x509.AlgorithmIdentifier in project robovm by robovm.

the class JCEECPrivateKey method getEncoded.

/**
     * Return a PKCS8 representation of the key. The sequence returned
     * represents a full PrivateKeyInfo object.
     *
     * @return a PKCS8 representation of the key.
     */
public byte[] getEncoded() {
    X962Parameters params;
    if (ecSpec instanceof ECNamedCurveSpec) {
        DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec) ecSpec).getName());
        if (// guess it's the OID
        curveOid == null) {
            curveOid = new DERObjectIdentifier(((ECNamedCurveSpec) ecSpec).getName());
        }
        params = new X962Parameters(curveOid);
    } else if (ecSpec == null) {
        params = new X962Parameters(DERNull.INSTANCE);
    } else {
        ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
        X9ECParameters ecP = new X9ECParameters(curve, EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed());
        params = new X962Parameters(ecP);
    }
    PrivateKeyInfo info;
    ECPrivateKeyStructure keyStructure;
    if (publicKey != null) {
        keyStructure = new ECPrivateKeyStructure(this.getS(), publicKey, params);
    } else {
        keyStructure = new ECPrivateKeyStructure(this.getS(), params);
    }
    try {
        // BEGIN android-removed
        // if (algorithm.equals("ECGOST3410"))
        // {
        //     info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
        // }
        // else
        // END android-removed
        {
            info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
        }
        return info.getEncoded(ASN1Encoding.DER);
    } catch (IOException e) {
        return null;
    }
}
Also used : X962Parameters(org.bouncycastle.asn1.x9.X962Parameters) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) ECCurve(org.bouncycastle.math.ec.ECCurve) ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure) IOException(java.io.IOException) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Aggregations

AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)31 IOException (java.io.IOException)16 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)11 DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)11 X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)10 X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)10 BigInteger (java.math.BigInteger)9 X509Certificate (java.security.cert.X509Certificate)8 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)8 SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)8 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)7 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)6 ECNamedCurveSpec (org.bouncycastle.jce.spec.ECNamedCurveSpec)6 ECCurve (org.bouncycastle.math.ec.ECCurve)6 OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)6 ASN1EncodableVector (com.android.org.bouncycastle.asn1.ASN1EncodableVector)5 ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)5 ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer)5 ASN1ObjectIdentifier (com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)5