Search in sources :

Example 96 with ASN1Sequence

use of org.bouncycastle.asn1.ASN1Sequence in project jruby-openssl by jruby.

the class OCSPRequest method addNonceImpl.

// BC doesn't have support for nonces... gotta do things manually
private void addNonceImpl() {
    GeneralName requestorName = null;
    ASN1Sequence requestList = new DERSequence();
    Extensions extensions = null;
    Signature sig = null;
    List<Extension> tmpExtensions = new ArrayList<Extension>();
    if (asn1bcReq != null) {
        TBSRequest currentTbsReq = asn1bcReq.getTbsRequest();
        extensions = currentTbsReq.getRequestExtensions();
        sig = asn1bcReq.getOptionalSignature();
        Enumeration<ASN1ObjectIdentifier> oids = extensions.oids();
        while (oids.hasMoreElements()) {
            tmpExtensions.add(extensions.getExtension(oids.nextElement()));
        }
    }
    tmpExtensions.add(new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, nonce));
    Extension[] exts = new Extension[tmpExtensions.size()];
    Extensions newExtensions = new Extensions(tmpExtensions.toArray(exts));
    TBSRequest newTbsReq = new TBSRequest(requestorName, requestList, newExtensions);
    asn1bcReq = new org.bouncycastle.asn1.ocsp.OCSPRequest(newTbsReq, sig);
}
Also used : ArrayList(java.util.ArrayList) Extensions(org.bouncycastle.asn1.x509.Extensions) TBSRequest(org.bouncycastle.asn1.ocsp.TBSRequest) Extension(org.bouncycastle.asn1.x509.Extension) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) Signature(org.bouncycastle.asn1.ocsp.Signature) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 97 with ASN1Sequence

use of org.bouncycastle.asn1.ASN1Sequence in project jruby-openssl by jruby.

the class EncContent method fromASN1.

/**
 * EncryptedContentInfo ::= SEQUENCE {
 *   contentType ContentType,
 *   contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
 *   encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }
 *
 * EncryptedContent ::= OCTET STRING
 */
public static EncContent fromASN1(final ASN1Encodable content) {
    final ASN1Sequence sequence = (ASN1Sequence) content;
    ASN1ObjectIdentifier contentType = (ASN1ObjectIdentifier) (sequence.getObjectAt(0));
    final EncContent ec = new EncContent();
    ec.setContentType(ASN1Registry.oid2nid(contentType));
    ec.setAlgorithm(AlgorithmIdentifier.getInstance(sequence.getObjectAt(1)));
    if (sequence.size() > 2 && sequence.getObjectAt(2) instanceof ASN1TaggedObject && ((ASN1TaggedObject) (sequence.getObjectAt(2))).getTagNo() == 0) {
        ASN1Encodable ee = ((ASN1TaggedObject) (sequence.getObjectAt(2))).getObject();
        if (ee instanceof ASN1Sequence && ((ASN1Sequence) ee).size() > 0) {
            ByteList combinedOctets = new ByteList();
            Enumeration enm = ((ASN1Sequence) ee).getObjects();
            while (enm.hasMoreElements()) {
                byte[] octets = ((ASN1OctetString) enm.nextElement()).getOctets();
                combinedOctets.append(octets);
            }
            ec.setEncData(new DEROctetString(combinedOctets.bytes()));
        } else {
            ec.setEncData((ASN1OctetString) ee);
        }
    }
    return ec;
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ByteList(org.jruby.util.ByteList) Enumeration(java.util.Enumeration) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Example 98 with ASN1Sequence

use of org.bouncycastle.asn1.ASN1Sequence in project jruby-openssl by jruby.

the class PEMInputOutput method derivePrivateKeyPBES2.

private static PrivateKey derivePrivateKeyPBES2(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, InvalidCipherTextException {
    PBES2Parameters pbeParams = PBES2Parameters.getInstance((ASN1Sequence) algId.getParameters());
    CipherParameters cipherParams = extractPBES2CipherParams(password, pbeParams);
    EncryptionScheme scheme = pbeParams.getEncryptionScheme();
    BufferedBlockCipher cipher;
    if (scheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC)) {
        RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme);
        byte[] iv = rc2Params.getIV();
        CipherParameters param = new ParametersWithIV(cipherParams, iv);
        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
        cipher.init(false, param);
    } else {
        byte[] iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
        CipherParameters param = new ParametersWithIV(cipherParams, iv);
        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
        cipher.init(false, param);
    }
    byte[] data = eIn.getEncryptedData();
    byte[] out = new byte[cipher.getOutputSize(data.length)];
    int len = cipher.processBytes(data, 0, data.length, out, 0);
    len += cipher.doFinal(out, len);
    byte[] pkcs8 = new byte[len];
    System.arraycopy(out, 0, pkcs8, 0, len);
    // It seems to work for both RSA and DSA.
    KeyFactory fact = SecurityHelper.getKeyFactory("RSA");
    return fact.generatePrivate(new PKCS8EncodedKeySpec(pkcs8));
}
Also used : PBES2Parameters(org.bouncycastle.asn1.pkcs.PBES2Parameters) EncryptionScheme(org.bouncycastle.asn1.pkcs.EncryptionScheme) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) RC2Engine(org.bouncycastle.crypto.engines.RC2Engine) RC2CBCParameter(org.bouncycastle.asn1.pkcs.RC2CBCParameter) CipherParameters(org.bouncycastle.crypto.CipherParameters) ParametersWithIV(org.bouncycastle.crypto.params.ParametersWithIV) BufferedBlockCipher(org.bouncycastle.crypto.BufferedBlockCipher) PaddedBufferedBlockCipher(org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CBCBlockCipher(org.bouncycastle.crypto.modes.CBCBlockCipher) DESedeEngine(org.bouncycastle.crypto.engines.DESedeEngine) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory)

Example 99 with ASN1Sequence

use of org.bouncycastle.asn1.ASN1Sequence in project jruby-openssl by jruby.

the class PKey method readRSAPrivateKey.

public static KeyPair readRSAPrivateKey(final KeyFactory rsaFactory, final byte[] input) throws IOException, InvalidKeySpecException {
    ASN1Sequence seq = (ASN1Sequence) new ASN1InputStream(input).readObject();
    if (seq.size() == 9) {
        BigInteger mod = ((ASN1Integer) seq.getObjectAt(1)).getValue();
        BigInteger pubexp = ((ASN1Integer) seq.getObjectAt(2)).getValue();
        BigInteger privexp = ((ASN1Integer) seq.getObjectAt(3)).getValue();
        BigInteger primep = ((ASN1Integer) seq.getObjectAt(4)).getValue();
        BigInteger primeq = ((ASN1Integer) seq.getObjectAt(5)).getValue();
        BigInteger primeep = ((ASN1Integer) seq.getObjectAt(6)).getValue();
        BigInteger primeeq = ((ASN1Integer) seq.getObjectAt(7)).getValue();
        BigInteger crtcoeff = ((ASN1Integer) seq.getObjectAt(8)).getValue();
        PrivateKey priv = rsaFactory.generatePrivate(new RSAPrivateCrtKeySpec(mod, pubexp, privexp, primep, primeq, primeep, primeeq, crtcoeff));
        PublicKey pub = rsaFactory.generatePublic(new RSAPublicKeySpec(mod, pubexp));
        return new KeyPair(pub, priv);
    }
    return null;
}
Also used : RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec) ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) KeyPair(java.security.KeyPair) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) PrivateKey(java.security.PrivateKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) PublicKey(java.security.PublicKey) DSAPublicKey(java.security.interfaces.DSAPublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) BigInteger(java.math.BigInteger) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec)

Example 100 with ASN1Sequence

use of org.bouncycastle.asn1.ASN1Sequence in project jruby-openssl by jruby.

the class PKey method readECPrivateKey.

public static KeyPair readECPrivateKey(final KeyFactory ecFactory, final byte[] input) throws IOException, InvalidKeySpecException {
    try {
        ECPrivateKeyStructure pKey = new ECPrivateKeyStructure((ASN1Sequence) ASN1Primitive.fromByteArray(input));
        AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParameters());
        PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey.toASN1Primitive());
        SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(algId, pKey.getPublicKey().getBytes());
        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(privInfo.getEncoded());
        X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
        // KeyFactory            fact = KeyFactory.getInstance("ECDSA", provider);
        ECPrivateKey privateKey = (ECPrivateKey) ecFactory.generatePrivate(privSpec);
        if (algId.getParameters() instanceof ASN1ObjectIdentifier) {
            privateKey = ECPrivateKeyWithName.wrap(privateKey, (ASN1ObjectIdentifier) algId.getParameters());
        }
        return new KeyPair(ecFactory.generatePublic(pubSpec), privateKey);
    } catch (ClassCastException ex) {
        throw new IOException("wrong ASN.1 object found in stream", ex);
    }
// catch (Exception ex) {
// throw new IOException("problem parsing EC private key: " + ex);
// }
}
Also used : ECPrivateKey(java.security.interfaces.ECPrivateKey) KeyPair(java.security.KeyPair) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure) IOException(java.io.IOException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Aggregations

ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)202 IOException (java.io.IOException)83 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)61 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)59 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)52 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)46 DEROctetString (org.bouncycastle.asn1.DEROctetString)41 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)40 ArrayList (java.util.ArrayList)39 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)39 BigInteger (java.math.BigInteger)38 DERIA5String (org.bouncycastle.asn1.DERIA5String)38 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)37 DERSequence (org.bouncycastle.asn1.DERSequence)37 Enumeration (java.util.Enumeration)36 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)36 X509Certificate (java.security.cert.X509Certificate)34 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)33 IssuingDistributionPoint (org.bouncycastle.asn1.x509.IssuingDistributionPoint)32 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)29