use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class SubjectDnSpec method fixRdnControl.
// static
/**
 * Reconciles an RDN control with the built-in per-attribute tables
 * ({@code STRING_TYPE_SET}, {@code DFLT_STRING_TYPES}, {@code PATTERNS}, {@code RANGES}).
 *
 * <p>The control is modified in place:
 * <ul>
 *   <li>an explicitly configured string type is checked against the set permitted for the
 *       attribute type; a missing one is filled from the default table when an entry exists;</li>
 *   <li>missing patterns are filled from the built-in patterns when an entry exists;</li>
 *   <li>the string length range is cleared when there is no built-in range, adopted from the
 *       built-in range when none is configured, and otherwise narrowed so that it never
 *       reaches outside the built-in bounds.</li>
 * </ul>
 *
 * @param control the RDN control to adjust; must not be null.
 * @throws CertprofileException if the configured string type is not in the set permitted
 *         for the control's attribute type.
 */
public static void fixRdnControl(RdnControl control) throws CertprofileException {
    ParamUtil.requireNonNull("control", control);

    final ASN1ObjectIdentifier attrType = control.getType();
    final StringType configuredType = control.getStringType();

    if (configuredType == null) {
        // Nothing configured: fall back to the built-in default, if there is one.
        final StringType fallbackType = DFLT_STRING_TYPES.get(attrType);
        if (fallbackType != null) {
            control.setStringType(fallbackType);
        }
    } else if (STRING_TYPE_SET.containsKey(attrType)
            && !STRING_TYPE_SET.get(attrType).contains(configuredType)) {
        // A configured type outside the permitted set is rejected rather than silently replaced.
        throw new CertprofileException(
                String.format("%s is not allowed %s", configuredType.name(), attrType.getId()));
    }

    if (control.getPatterns() == null && PATTERNS.containsKey(attrType)) {
        control.setPatterns(Arrays.asList(PATTERNS.get(attrType)));
    }

    final Range builtInRange = RANGES.get(attrType);
    if (builtInRange == null) {
        // No built-in range for this attribute: any configured range is dropped.
        control.setStringLengthRange(null);
        return;
    }

    final Range configuredRange = control.getStringLengthRange();
    if (configuredRange == null) {
        control.setStringLengthRange(builtInRange);
        return;
    }

    // Lower bound: take the built-in minimum when none is configured or the configured
    // one is smaller than the built-in minimum.
    final Integer builtInMin = builtInRange.getMin();
    Integer lower = configuredRange.getMin();
    final boolean minAdjusted = lower == null || (builtInMin != null && builtInMin > lower);
    if (minAdjusted) {
        lower = builtInMin;
    }

    // Upper bound: take the built-in maximum when none is configured or the configured
    // one is larger than the built-in maximum.
    final Integer builtInMax = builtInRange.getMax();
    Integer upper = configuredRange.getMax();
    final boolean maxAdjusted = upper == null || (builtInMax != null && builtInMax < upper);
    if (maxAdjusted) {
        upper = builtInMax;
    }

    if (minAdjusted || maxAdjusted) {
        configuredRange.setRange(lower, upper);
    }
}
use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class P12KeyGenerator method genECKeypair.
/**
 * Generates an EC key pair on the requested curve and returns it together with a
 * {@code SubjectPublicKeyInfo} built from the public point.
 *
 * @param curveNameOrOid curve name or dotted OID, resolved through
 *        {@code AlgorithmUtil.getCurveOidForCurveNameOrOid}.
 * @param random randomness source handed to {@code KeyUtil.generateECKeypair}.
 * @return the key pair and its matching SubjectPublicKeyInfo.
 * @throws IllegalArgumentException if the curve name or OID cannot be resolved.
 * @throws Exception whatever key generation propagates.
 */
// CHECKSTYLE:SKIP
private KeyPairWithSubjectPublicKeyInfo genECKeypair(String curveNameOrOid, SecureRandom random) throws Exception {
    final ASN1ObjectIdentifier namedCurve = AlgorithmUtil.getCurveOidForCurveNameOrOid(curveNameOrOid);
    if (namedCurve == null) {
        throw new IllegalArgumentException("invalid curveNameOrOid '" + curveNameOrOid + "'");
    }

    final KeyPair keyPair = KeyUtil.generateECKeypair(namedCurve, random);

    // id-ecPublicKey with the named curve OID as its parameter.
    final AlgorithmIdentifier spkiAlgId =
            new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, namedCurve);

    // The cast assumes the key pair came from the BouncyCastle provider.
    // getEncoded(false) yields the uncompressed point encoding.
    final BCECPublicKey publicKey = (BCECPublicKey) keyPair.getPublic();
    final byte[] encodedPoint = publicKey.getQ().getEncoded(false);

    return new KeyPairWithSubjectPublicKeyInfo(
            keyPair, new SubjectPublicKeyInfo(spkiAlgId, encodedPoint));
}
use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class P12KeyGenerator method getContentSigner.
// method generateIdentity
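/**
 * Builds a BouncyCastle {@code ContentSigner} for the given private key, choosing the
 * signature and digest algorithms from the key type.
 *
 * <ul>
 *   <li>RSA: sha1WithRSAEncryption with SHA-1.</li>
 *   <li>DSA: dsa-with-sha1 with SHA-1.</li>
 *   <li>EC: ECDSA with a digest picked from the bit length of the curve order:
 *       above 384 SHA-512, above 256 SHA-384, above 224 SHA-256, above 160 SHA-224,
 *       otherwise SHA-1.</li>
 * </ul>
 *
 * @param key the private key to sign with.
 * @return a content signer bound to {@code key}.
 * @throws IllegalArgumentException if the key is not an RSA, DSA or EC private key.
 * @throws Exception whatever the signer builder or key conversion propagates.
 */
private static ContentSigner getContentSigner(PrivateKey key) throws Exception {
    BcContentSignerBuilder builder;
    if (key instanceof RSAPrivateKey) {
        // NOTE(review): SHA-1 is collision-weak and deprecated for signatures. The callers
        // are outside this block; confirm what this signer signs before keeping SHA-1 as
        // the RSA default.
        ASN1ObjectIdentifier hashOid = X509ObjectIdentifiers.id_SHA1;
        ASN1ObjectIdentifier sigOid = PKCSObjectIdentifiers.sha1WithRSAEncryption;
        builder = new BcRSAContentSignerBuilder(buildAlgId(sigOid), buildAlgId(hashOid));
    } else if (key instanceof DSAPrivateKey) {
        // NOTE(review): same SHA-1 concern as the RSA branch.
        ASN1ObjectIdentifier hashOid = X509ObjectIdentifiers.id_SHA1;
        AlgorithmIdentifier sigId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa_with_sha1);
        builder = new BcDSAContentSignerBuilder(sigId, buildAlgId(hashOid));
    } else if (key instanceof ECPrivateKey) {
        HashAlgo hashAlgo;
        ASN1ObjectIdentifier sigOid;
        int keysize = ((ECPrivateKey) key).getParams().getOrder().bitLength();
        // The digest size follows the curve order size. The 224 and 256 rungs must stay in
        // this order: a curve order of 225..256 bits gets SHA-256 and one of 161..224 bits
        // gets SHA-224, so a 256-bit curve is never paired with the shorter SHA-224.
        if (keysize > 384) {
            hashAlgo = HashAlgo.SHA512;
            sigOid = X9ObjectIdentifiers.ecdsa_with_SHA512;
        } else if (keysize > 256) {
            hashAlgo = HashAlgo.SHA384;
            sigOid = X9ObjectIdentifiers.ecdsa_with_SHA384;
        } else if (keysize > 224) {
            hashAlgo = HashAlgo.SHA256;
            sigOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
        } else if (keysize > 160) {
            hashAlgo = HashAlgo.SHA224;
            sigOid = X9ObjectIdentifiers.ecdsa_with_SHA224;
        } else {
            // Curve orders of 160 bits or fewer fall back to SHA-1.
            hashAlgo = HashAlgo.SHA1;
            sigOid = X9ObjectIdentifiers.ecdsa_with_SHA1;
        }
        builder = new BcECContentSignerBuilder(new AlgorithmIdentifier(sigOid), buildAlgId(hashAlgo.getOid()));
    } else {
        throw new IllegalArgumentException("unknown type of key " + key.getClass().getName());
    }
    return builder.build(KeyUtil.generatePrivateKeyParameter(key));
}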
use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class AlgorithmUtil method getDSASigAlgId.
// method getRSASigAlgId
/**
 * Looks up the DSA signature algorithm identifier that pairs with the given digest.
 *
 * @param hashAlgo digest algorithm; must not be null.
 * @return an algorithm identifier carrying the OID from {@code digestToDSASigAlgMap},
 *         with no parameters.
 * @throws NoSuchAlgorithmException if the map has no DSA signature OID for the digest.
 */
// CHECKSTYLE:SKIP
private static AlgorithmIdentifier getDSASigAlgId(HashAlgo hashAlgo) throws NoSuchAlgorithmException {
    ParamUtil.requireNonNull("hashAlgo", hashAlgo);

    final ASN1ObjectIdentifier dsaSigOid = digestToDSASigAlgMap.get(hashAlgo);
    if (dsaSigOid != null) {
        return new AlgorithmIdentifier(dsaSigOid);
    }

    // An unmapped digest is rejected instead of falling back to some default.
    throw new NoSuchAlgorithmException("unsupported hash " + hashAlgo + " for DSA key");
}
use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.
the class AlgorithmUtil method extractDigesetAlgFromSigAlg.
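/**
 * Derives the digest algorithm identifier used by a signature algorithm identifier.
 *
 * <p>For RSASSA-PSS the digest is read from the identifier's own parameters; for every
 * other algorithm it is looked up in {@code sigAlgOidToDigestMap}.
 *
 * @param sigAlgId signature algorithm identifier; must not be null.
 * @return the digest algorithm OID with explicit NULL parameters.
 * @throws NoSuchAlgorithmException if the signature algorithm is not in the map, or if it
 *         is RSASSA-PSS and carries no parameters.
 */
public static AlgorithmIdentifier extractDigesetAlgFromSigAlg(AlgorithmIdentifier sigAlgId) throws NoSuchAlgorithmException {
    ParamUtil.requireNonNull("sigAlgId", sigAlgId);

    ASN1ObjectIdentifier algOid = sigAlgId.getAlgorithm();
    ASN1ObjectIdentifier digestAlgOid;
    if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) {
        ASN1Encodable asn1Encodable = sigAlgId.getParameters();
        // RSASSAPSSparams.getInstance(null) returns null, so an identifier without
        // parameters would otherwise end in a NullPointerException. The identifier may
        // come from externally supplied data, so report it through the declared exception.
        if (asn1Encodable == null) {
            throw new NoSuchAlgorithmException("RSASSA-PSS signature algorithm without parameters");
        }
        RSASSAPSSparams param = RSASSAPSSparams.getInstance(asn1Encodable);
        digestAlgOid = param.getHashAlgorithm().getAlgorithm();
    } else {
        HashAlgo digestAlg = sigAlgOidToDigestMap.get(algOid);
        if (digestAlg == null) {
            throw new NoSuchAlgorithmException("unknown signature algorithm " + algOid.getId());
        }
        digestAlgOid = digestAlg.getOid();
    }
    return new AlgorithmIdentifier(digestAlgOid, DERNull.INSTANCE);
}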
Aggregations