
Example 36 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project android_frameworks_base by crdroidandroid.

the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.

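/**
 * Builds a self-signed X.509 certificate for {@code publicKey} whose signature field holds a
 * fixed placeholder instead of a real signature.
 *
 * <p>No private-key operation happens in this method: the signature bytes are constants chosen
 * per key algorithm. The result is therefore not expected to pass signature verification and
 * must not be treated as evidence that anyone holds the matching private key. Serial number,
 * subject and validity come from {@code mSpec}; the issuer is set to the subject.
 *
 * @param publicKey key whose encoded SubjectPublicKeyInfo is embedded in the certificate
 * @return the certificate carrying the placeholder signature
 * @throws IOException if ASN.1 encoding or decoding fails
 * @throws CertificateParsingException declared by this method; presumably raised while
 *         wrapping the structure in {@code X509CertificateObject}
 * @throws ProviderException if {@code mKeymasterAlgorithm} is neither EC nor RSA
 */
@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
    V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
    ASN1ObjectIdentifier sigAlgOid;
    AlgorithmIdentifier sigAlgId;
    byte[] signature;
    switch(mKeymasterAlgorithm) {
        case KeymasterDefs.KM_ALGORITHM_EC:
            sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid);
            // Placeholder: the encoding of an empty SEQUENCE. A vector of two zero INTEGERs
            // used to be built here but was never handed to DERSequence, so it has been
            // removed as dead code; the emitted bytes are unchanged.
            // NOTE(review): an empty SEQUENCE cannot be parsed as an ECDSA (r, s) pair at all.
            // Do not replace it with r = 0, s = 0 unless every consumer is known to
            // range-check both values.
            signature = new DERSequence().getEncoded();
            break;
        case KeymasterDefs.KM_ALGORITHM_RSA:
            sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
            // Placeholder: a single zero byte.
            signature = new byte[1];
            break;
        default:
            throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
    }
    // Re-parse the encoded key so it can be embedded as SubjectPublicKeyInfo.
    try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
        tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
    }
    tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
    // Self-signed layout: the same principal is used as subject and issuer.
    X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
    tbsGenerator.setSubject(subject);
    tbsGenerator.setIssuer(subject);
    tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
    tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
    tbsGenerator.setSignature(sigAlgId);
    TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
    // Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
    ASN1EncodableVector result = new ASN1EncodableVector();
    result.add(tbsCertificate);
    result.add(sigAlgId);
    result.add(new DERBitString(signature));
    return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}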
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ProviderException(java.security.ProviderException) Time(com.android.org.bouncycastle.asn1.x509.Time) DERBitString(com.android.org.bouncycastle.asn1.DERBitString) ASN1Integer(com.android.org.bouncycastle.asn1.ASN1Integer) AlgorithmIdentifier(com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERInteger(com.android.org.bouncycastle.asn1.DERInteger) DERSequence(com.android.org.bouncycastle.asn1.DERSequence) X509CertificateObject(com.android.org.bouncycastle.jce.provider.X509CertificateObject) X509Principal(com.android.org.bouncycastle.jce.X509Principal) ASN1EncodableVector(com.android.org.bouncycastle.asn1.ASN1EncodableVector) V3TBSCertificateGenerator(com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator) TBSCertificate(com.android.org.bouncycastle.asn1.x509.TBSCertificate) ASN1ObjectIdentifier(com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 37 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project pdfbox by apache.

the class TSAClient method getTimeStampToken.

/**
 * Hashes the given data with {@code digest}, sends a time stamp request for that hash to the
 * TSA and returns the encoded token from the reply.
 *
 * <p>The reply is checked with {@code TimeStampResponse.validate(request)} only.
 * NOTE(review): whether the token's signature and the TSA certificate are verified against a
 * trust anchor cannot be seen from this method; confirm that callers do so before relying on
 * the returned token.
 *
 * @param messageImprint imprint of message contents
 * @return the encoded time stamp token
 * @throws IOException if there was an error with the connection or data from the TSA server,
 *                     or if the time stamp response could not be validated
 */
public byte[] getTimeStampToken(byte[] messageImprint) throws IOException {
    digest.reset();
    final byte[] imprintDigest = digest.digest(messageImprint);

    // 32-bit nonce drawn from a CSPRNG; it is sent with the request and the response is
    // validated against that request below.
    final BigInteger requestNonce = BigInteger.valueOf(new SecureRandom().nextInt());

    // Build the request and ask the TSA to include its certificate in the reply.
    final TimeStampRequestGenerator requestGenerator = new TimeStampRequestGenerator();
    requestGenerator.setCertReq(true);
    final ASN1ObjectIdentifier digestOid = getHashObjectIdentifier(digest.getAlgorithm());
    final TimeStampRequest tsRequest = requestGenerator.generate(digestOid, imprintDigest, requestNonce);

    // Round trip to the TSA.
    final byte[] rawReply = getTSAResponse(tsRequest.getEncoded());

    final TimeStampToken stampToken;
    try {
        final TimeStampResponse tsResponse = new TimeStampResponse(rawReply);
        tsResponse.validate(tsRequest);
        stampToken = tsResponse.getTimeStampToken();
    } catch (TSPException e) {
        // Surface protocol-level failures through the method's declared exception type.
        throw new IOException(e);
    }

    if (stampToken == null) {
        throw new IOException("Response does not have a time stamp token");
    }
    return stampToken.getEncoded();
}
Also used : TimeStampResponse(org.bouncycastle.tsp.TimeStampResponse) SecureRandom(java.security.SecureRandom) TimeStampRequestGenerator(org.bouncycastle.tsp.TimeStampRequestGenerator) TSPException(org.bouncycastle.tsp.TSPException) IOException(java.io.IOException) TimeStampToken(org.bouncycastle.tsp.TimeStampToken) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) TimeStampRequest(org.bouncycastle.tsp.TimeStampRequest)

Example 38 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project pdfbox by apache.

the class CertInformationHelper method getAuthorityInfoExtensionValue.

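/**
 * Extracts authority information access extension values from the given data. The Data
 * structure has to be implemented as described in RFC 2459, 4.2.2.1.
 *
 * <p>Only access locations tagged as uniformResourceIdentifier are read; entries with any
 * other GeneralName choice are skipped for both the OCSP and the CA issuers access method.
 *
 * <p>The stored URLs are copied from the certificate as-is. NOTE(review): if callers fetch
 * them, they should treat them as untrusted input (restrict scheme and destination).
 *
 * <p>The structure is walked with plain casts, so an extension whose elements have
 * unexpected ASN.1 types fails with an unchecked {@code ClassCastException} rather than
 * {@code IOException}.
 *
 * @param extensionValue byte[] of the extension value.
 * @param certInfo where to put the found values
 * @throws IOException when there is a problem with the extensionValue
 */
protected static void getAuthorityInfoExtensionValue(byte[] extensionValue, CertSignatureInformation certInfo) throws IOException {
    ASN1Sequence asn1Seq = (ASN1Sequence) X509ExtensionUtil.fromExtensionValue(extensionValue);
    Enumeration<?> objects = asn1Seq.getObjects();
    while (objects.hasMoreElements()) {
        // AccessDescription
        ASN1Sequence obj = (ASN1Sequence) objects.nextElement();
        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) obj.getObjectAt(0);
        // accessLocation
        DERTaggedObject location = (DERTaggedObject) obj.getObjectAt(1);
        if (location.getTagNo() != GeneralName.uniformResourceIdentifier) {
            // Previously only the OCSP branch checked the tag, so a CA issuers entry with
            // another GeneralName choice was either misread as a URL or failed the cast.
            continue;
        }
        if (oid.equals(X509ObjectIdentifiers.id_ad_ocsp)) {
            DEROctetString url = (DEROctetString) location.getObject();
            // Explicit charset so the result does not depend on the platform default.
            certInfo.setOcspUrl(new String(url.getOctets(), java.nio.charset.StandardCharsets.UTF_8));
        } else if (oid.equals(X509ObjectIdentifiers.id_ad_caIssuers)) {
            DEROctetString uri = (DEROctetString) location.getObject();
            certInfo.setIssuerUrl(new String(uri.getOctets(), java.nio.charset.StandardCharsets.UTF_8));
        }
    }
}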
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Example 39 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project keystore-explorer by kaikramer.

the class X509Ext method getMsCertificateTemplateStringValue.

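/**
 * Renders a Microsoft certificate template extension value as display text: template ID,
 * major version and, when present, minor version, one per line.
 *
 * <p>The first two elements are read with plain casts; input that does not match the
 * structure below fails with an unchecked exception.
 *
 * @param octets encoded CertificateTemplate SEQUENCE
 * @return the formatted text, built from the {@code MSCertificateTemplate.*} resource strings
 */
private String getMsCertificateTemplateStringValue(byte[] octets) {
    // @formatter:off
    /*
			CertificateTemplate ::= SEQUENCE
			{
				templateID              EncodedObjectID,
				templateMajorVersion    TemplateVersion,
				templateMinorVersion    TemplateVersion OPTIONAL
			}
			TemplateVersion ::= INTEGER (0..4294967295)
		 */
    // @formatter:on
    ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(octets);
    ASN1ObjectIdentifier templateID = (ASN1ObjectIdentifier) asn1Sequence.getObjectAt(0);
    ASN1Integer majorVersion = (ASN1Integer) asn1Sequence.getObjectAt(1);
    // templateMinorVersion is OPTIONAL: read the third element only when the sequence has
    // one. Indexing past the end fails instead of yielding null, which made the null check
    // below unreachable for two-element templates.
    ASN1Integer minorVersion = asn1Sequence.size() > 2 ? (ASN1Integer) asn1Sequence.getObjectAt(2) : null;
    StringBuilder sb = new StringBuilder();
    sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.ID"), templateID.getId()));
    sb.append(NEWLINE);
    sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.MajorVersion"), majorVersion));
    sb.append(NEWLINE);
    if (minorVersion != null) {
        sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.MinorVersion"), minorVersion));
        sb.append(NEWLINE);
    }
    return sb.toString();
}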
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 40 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project keystore-explorer by kaikramer.

the class X509Ext method getSMIMECapabilitiesStringValue.

/**
 * Renders an S/MIME capabilities extension value as display text: a numbered heading per
 * capability, followed by its object identifier and, when present, its parameters as hex.
 *
 * @param octets encoded SMIMECapabilities SEQUENCE
 * @return the formatted text, built from the {@code SMIMECapability*} resource strings
 * @throws IOException if a capability's parameters cannot be encoded
 */
private String getSMIMECapabilitiesStringValue(byte[] octets) throws IOException {
    // @formatter:off
    /*
     * SMIMECapabilities ::= SEQUENCE OF SMIMECapability
     *
     * SMIMECapability ::= SEQUENCE
     * {
     *     capabilityID OBJECT IDENTIFIER,
     *     parameters ANY DEFINED BY capabilityID OPTIONAL
     * }
     */
    // @formatter:on
    StringBuilder text = new StringBuilder();
    ASN1Encodable[] entries = ASN1Sequence.getInstance(octets).toArray();

    for (int index = 0; index < entries.length; index++) {
        SMIMECapability entry = SMIMECapability.getInstance(entries[index]);
        ASN1ObjectIdentifier capabilityId = entry.getCapabilityID();
        ASN1Encodable capabilityParams = entry.getParameters();

        // Headings are numbered from 1.
        text.append(MessageFormat.format(res.getString("SMIMECapability"), index + 1)).append(NEWLINE);

        text.append(INDENT)
            .append(MessageFormat.format(res.getString("SMIMECapability.ObjectID"), ObjectIdUtil.toString(capabilityId)))
            .append(NEWLINE);

        if (capabilityParams == null) {
            // parameters is OPTIONAL; nothing more to print for this capability
            continue;
        }
        String paramsHex = HexUtil.getHexString(capabilityParams.toASN1Primitive().getEncoded());
        text.append(INDENT)
            .append(MessageFormat.format(res.getString("SMIMECapability.Parameter"), paramsHex))
            .append(NEWLINE);
    }
    return text.toString();
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) SMIMECapability(org.bouncycastle.asn1.smime.SMIMECapability) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
