Example 1 with ASN1Primitive
use of org.bouncycastle.asn1.ASN1Primitive in project robovm by robovm.
the class CertPathValidatorUtilities method getObject.
private static ASN1Primitive getObject(String oid, byte[] ext) throws AnnotatedException {
try {
ASN1InputStream aIn = new ASN1InputStream(ext);
ASN1OctetString octs = (ASN1OctetString) aIn.readObject();
aIn = new ASN1InputStream(octs.getOctets());
return aIn.readObject();
} catch (Exception e) {
throw new AnnotatedException("exception processing extension " + oid, e);
}
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
GeneralSecurityException(java.security.GeneralSecurityException)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
ParseException(java.text.ParseException)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
CertStoreException(java.security.cert.CertStoreException)
CRLException(java.security.cert.CRLException)
CertificateParsingException(java.security.cert.CertificateParsingException)
StoreException(org.bouncycastle.util.StoreException)
IOException(java.io.IOException)
Example 2 with ASN1Primitive
use of org.bouncycastle.asn1.ASN1Primitive in project robovm by robovm.
the class JCEECPrivateKey method populateFromPrivKeyInfo.
private void populateFromPrivKeyInfo(PrivateKeyInfo info) throws IOException {
X962Parameters params = new X962Parameters((ASN1Primitive) info.getPrivateKeyAlgorithm().getParameters());
if (params.isNamedCurve()) {
ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
// BEGIN android-removed
// if (ecP == null) // GOST Curve
// {
// ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
// EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
//
// ecSpec = new ECNamedCurveSpec(
// ECGOST3410NamedCurves.getName(oid),
// ellipticCurve,
// new ECPoint(
// gParam.getG().getX().toBigInteger(),
// gParam.getG().getY().toBigInteger()),
// gParam.getN(),
// gParam.getH());
// }
// else
// END android-removed
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH());
}
} else if (params.isImplicitlyCA()) {
ecSpec = null;
} else {
X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
this.ecSpec = new ECParameterSpec(ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH().intValue());
}
ASN1Encodable privKey = info.parsePrivateKey();
if (privKey instanceof DERInteger) {
DERInteger derD = DERInteger.getInstance(privKey);
this.d = derD.getValue();
} else {
ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) privKey);
this.d = ec.getKey();
this.publicKey = ec.getPublicKey();
}
}
Also used :
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
EllipticCurve(java.security.spec.EllipticCurve)
ECParameterSpec(java.security.spec.ECParameterSpec)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure)
ECPoint(java.security.spec.ECPoint)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)
DERInteger(org.bouncycastle.asn1.DERInteger)
Example 3 with ASN1Primitive
use of org.bouncycastle.asn1.ASN1Primitive in project robovm by robovm.
the class CertPathValidatorUtilities method getDeltaCRLs.
/**
* Fetches delta CRLs according to RFC 3280 section 5.2.4.
*
* @param currentDate The date for which the delta CRLs must be valid.
* @param paramsPKIX The extended PKIX parameters.
* @param completeCRL The complete CRL the delta CRL is for.
* @return A <code>Set</code> of <code>X509CRL</code>s with delta CRLs.
* @throws AnnotatedException if an exception occurs while picking the delta
* CRLs.
*/
protected static Set getDeltaCRLs(Date currentDate, ExtendedPKIXParameters paramsPKIX, X509CRL completeCRL) throws AnnotatedException {
X509CRLStoreSelector deltaSelect = new X509CRLStoreSelector();
// 5.2.4 (a)
try {
deltaSelect.addIssuerName(CertPathValidatorUtilities.getIssuerPrincipal(completeCRL).getEncoded());
} catch (IOException e) {
throw new AnnotatedException("Cannot extract issuer from CRL.", e);
}
BigInteger completeCRLNumber = null;
try {
ASN1Primitive derObject = CertPathValidatorUtilities.getExtensionValue(completeCRL, CRL_NUMBER);
if (derObject != null) {
completeCRLNumber = ASN1Integer.getInstance(derObject).getPositiveValue();
}
} catch (Exception e) {
throw new AnnotatedException("CRL number extension could not be extracted from CRL.", e);
}
// 5.2.4 (b)
byte[] idp = null;
try {
idp = completeCRL.getExtensionValue(ISSUING_DISTRIBUTION_POINT);
} catch (Exception e) {
throw new AnnotatedException("Issuing distribution point extension value could not be read.", e);
}
// 5.2.4 (d)
deltaSelect.setMinCRLNumber(completeCRLNumber == null ? null : completeCRLNumber.add(BigInteger.valueOf(1)));
deltaSelect.setIssuingDistributionPoint(idp);
deltaSelect.setIssuingDistributionPointEnabled(true);
// 5.2.4 (c)
deltaSelect.setMaxBaseCRLNumber(completeCRLNumber);
// find delta CRLs
Set temp = CRL_UTIL.findCRLs(deltaSelect, paramsPKIX, currentDate);
Set result = new HashSet();
for (Iterator it = temp.iterator(); it.hasNext(); ) {
X509CRL crl = (X509CRL) it.next();
if (isDeltaCRL(crl)) {
result.add(crl);
}
}
return result;
}
Also used :
X509CRLStoreSelector(org.bouncycastle.x509.X509CRLStoreSelector)
Set(java.util.Set)
HashSet(java.util.HashSet)
X509CRL(java.security.cert.X509CRL)
Iterator(java.util.Iterator)
BigInteger(java.math.BigInteger)
IOException(java.io.IOException)
ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
GeneralSecurityException(java.security.GeneralSecurityException)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
ParseException(java.text.ParseException)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
CertStoreException(java.security.cert.CertStoreException)
CRLException(java.security.cert.CRLException)
CertificateParsingException(java.security.cert.CertificateParsingException)
StoreException(org.bouncycastle.util.StoreException)
IOException(java.io.IOException)
HashSet(java.util.HashSet)
Example 4 with ASN1Primitive
use of org.bouncycastle.asn1.ASN1Primitive in project robovm by robovm.
the class RSAPrivateKey method toASN1Primitive.
/**
* This outputs the key in PKCS1v2 format.
* <pre>
* RSAPrivateKey ::= SEQUENCE {
* version Version,
* modulus INTEGER, -- n
* publicExponent INTEGER, -- e
* privateExponent INTEGER, -- d
* prime1 INTEGER, -- p
* prime2 INTEGER, -- q
* exponent1 INTEGER, -- d mod (p-1)
* exponent2 INTEGER, -- d mod (q-1)
* coefficient INTEGER, -- (inverse of q) mod p
* otherPrimeInfos OtherPrimeInfos OPTIONAL
* }
*
* Version ::= INTEGER { two-prime(0), multi(1) }
* (CONSTRAINED BY {-- version must be multi if otherPrimeInfos present --})
* </pre>
* <p>
* This routine is written to output PKCS1 version 2.1, private keys.
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector();
// version
v.add(new ASN1Integer(version));
v.add(new ASN1Integer(getModulus()));
v.add(new ASN1Integer(getPublicExponent()));
v.add(new ASN1Integer(getPrivateExponent()));
v.add(new ASN1Integer(getPrime1()));
v.add(new ASN1Integer(getPrime2()));
v.add(new ASN1Integer(getExponent1()));
v.add(new ASN1Integer(getExponent2()));
v.add(new ASN1Integer(getCoefficient()));
if (otherPrimeInfos != null) {
v.add(otherPrimeInfos);
}
return new DERSequence(v);
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
Example 5 with ASN1Primitive
use of org.bouncycastle.asn1.ASN1Primitive in project robovm by robovm.
the class RSAPrivateKeyStructure method toASN1Primitive.
/**
* This outputs the key in PKCS1v2 format.
* <pre>
* RSAPrivateKey ::= SEQUENCE {
* version Version,
* modulus INTEGER, -- n
* publicExponent INTEGER, -- e
* privateExponent INTEGER, -- d
* prime1 INTEGER, -- p
* prime2 INTEGER, -- q
* exponent1 INTEGER, -- d mod (p-1)
* exponent2 INTEGER, -- d mod (q-1)
* coefficient INTEGER, -- (inverse of q) mod p
* otherPrimeInfos OtherPrimeInfos OPTIONAL
* }
*
* Version ::= INTEGER { two-prime(0), multi(1) }
* (CONSTRAINED BY {-- version must be multi if otherPrimeInfos present --})
* </pre>
* <p>
* This routine is written to output PKCS1 version 2.1, private keys.
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector();
// version
v.add(new ASN1Integer(version));
v.add(new ASN1Integer(getModulus()));
v.add(new ASN1Integer(getPublicExponent()));
v.add(new ASN1Integer(getPrivateExponent()));
v.add(new ASN1Integer(getPrime1()));
v.add(new ASN1Integer(getPrime2()));
v.add(new ASN1Integer(getExponent1()));
v.add(new ASN1Integer(getExponent2()));
v.add(new ASN1Integer(getCoefficient()));
if (otherPrimeInfos != null) {
v.add(otherPrimeInfos);
}
return new DERSequence(v);
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
Aggregations
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)56
DERSequence (org.bouncycastle.asn1.DERSequence)47
ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)20
IOException (java.io.IOException)18
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)14
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)12
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)11
DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)10
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)9
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)8
Enumeration (java.util.Enumeration)7
BERSequence (org.bouncycastle.asn1.BERSequence)7
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)6
DERBitString (org.bouncycastle.asn1.DERBitString)6
DERIA5String (org.bouncycastle.asn1.DERIA5String)6
ByteArrayInputStream (java.io.ByteArrayInputStream)5
GeneralSecurityException (java.security.GeneralSecurityException)5
ASN1String (org.bouncycastle.asn1.ASN1String)5
DEROctetString (org.bouncycastle.asn1.DEROctetString)5
X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)5
