use of org.bouncycastle.asn1.DERInteger in project XobotOS by xamarin.
the class MiscPEMGenerator method createPemObject.
private PemObject createPemObject(Object o) throws IOException {
String type;
byte[] encoding;
if (o instanceof PemObject) {
return (PemObject) o;
}
if (o instanceof PemObjectGenerator) {
return ((PemObjectGenerator) o).generate();
}
if (o instanceof X509Certificate) {
type = "CERTIFICATE";
try {
encoding = ((X509Certificate) o).getEncoded();
} catch (CertificateEncodingException e) {
throw new PemGenerationException("Cannot encode object: " + e.toString());
}
} else if (o instanceof X509CRL) {
type = "X509 CRL";
try {
encoding = ((X509CRL) o).getEncoded();
} catch (CRLException e) {
throw new PemGenerationException("Cannot encode object: " + e.toString());
}
} else if (o instanceof KeyPair) {
return createPemObject(((KeyPair) o).getPrivate());
} else if (o instanceof PrivateKey) {
PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) ASN1Object.fromByteArray(((Key) o).getEncoded()));
if (o instanceof RSAPrivateKey) {
type = "RSA PRIVATE KEY";
encoding = info.getPrivateKey().getEncoded();
} else if (o instanceof DSAPrivateKey) {
type = "DSA PRIVATE KEY";
DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters());
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(new DERInteger(p.getP()));
v.add(new DERInteger(p.getQ()));
v.add(new DERInteger(p.getG()));
BigInteger x = ((DSAPrivateKey) o).getX();
BigInteger y = p.getG().modPow(x, p.getP());
v.add(new DERInteger(y));
v.add(new DERInteger(x));
encoding = new DERSequence(v).getEncoded();
} else if (((PrivateKey) o).getAlgorithm().equals("ECDSA")) {
type = "EC PRIVATE KEY";
encoding = info.getPrivateKey().getEncoded();
} else {
throw new IOException("Cannot identify private key");
}
} else if (o instanceof PublicKey) {
type = "PUBLIC KEY";
encoding = ((PublicKey) o).getEncoded();
} else if (o instanceof X509AttributeCertificate) {
type = "ATTRIBUTE CERTIFICATE";
encoding = ((X509V2AttributeCertificate) o).getEncoded();
} else if (o instanceof PKCS10CertificationRequest) {
type = "CERTIFICATE REQUEST";
encoding = ((PKCS10CertificationRequest) o).getEncoded();
} else if (o instanceof ContentInfo) {
type = "PKCS7";
encoding = ((ContentInfo) o).getEncoded();
} else {
throw new PemGenerationException("unknown object passed - can't encode.");
}
return new PemObject(type, encoding);
}
use of org.bouncycastle.asn1.DERInteger in project XobotOS by xamarin.
the class MiscPEMGenerator method createPemObject.
private PemObject createPemObject(Object obj, String algorithm, char[] password, SecureRandom random) throws IOException {
if (obj instanceof KeyPair) {
return createPemObject(((KeyPair) obj).getPrivate(), algorithm, password, random);
}
String type = null;
byte[] keyData = null;
if (obj instanceof RSAPrivateCrtKey) {
type = "RSA PRIVATE KEY";
RSAPrivateCrtKey k = (RSAPrivateCrtKey) obj;
RSAPrivateKeyStructure keyStruct = new RSAPrivateKeyStructure(k.getModulus(), k.getPublicExponent(), k.getPrivateExponent(), k.getPrimeP(), k.getPrimeQ(), k.getPrimeExponentP(), k.getPrimeExponentQ(), k.getCrtCoefficient());
// convert to bytearray
keyData = keyStruct.getEncoded();
} else if (obj instanceof DSAPrivateKey) {
type = "DSA PRIVATE KEY";
DSAPrivateKey k = (DSAPrivateKey) obj;
DSAParams p = k.getParams();
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(new DERInteger(p.getP()));
v.add(new DERInteger(p.getQ()));
v.add(new DERInteger(p.getG()));
BigInteger x = k.getX();
BigInteger y = p.getG().modPow(x, p.getP());
v.add(new DERInteger(y));
v.add(new DERInteger(x));
keyData = new DERSequence(v).getEncoded();
} else if (obj instanceof PrivateKey && "ECDSA".equals(((PrivateKey) obj).getAlgorithm())) {
type = "EC PRIVATE KEY";
PrivateKeyInfo privInfo = PrivateKeyInfo.getInstance(ASN1Object.fromByteArray(((PrivateKey) obj).getEncoded()));
keyData = privInfo.getPrivateKey().getEncoded();
}
if (type == null || keyData == null) {
// TODO Support other types?
throw new IllegalArgumentException("Object type not supported: " + obj.getClass().getName());
}
String dekAlgName = Strings.toUpperCase(algorithm);
// Note: For backward compatibility
if (dekAlgName.equals("DESEDE")) {
dekAlgName = "DES-EDE3-CBC";
}
int ivLength = dekAlgName.startsWith("AES-") ? 16 : 8;
byte[] iv = new byte[ivLength];
random.nextBytes(iv);
byte[] encData = PEMUtilities.crypt(true, provider, keyData, password, dekAlgName, iv);
List headers = new ArrayList(2);
headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv)));
return new PemObject(type, headers, encData);
}
use of org.bouncycastle.asn1.DERInteger in project XobotOS by xamarin.
the class RFC3280CertPathUtilities method prepareNextCertJ.
protected static int prepareNextCertJ(CertPath certPath, int index, int inhibitAnyPolicy) throws CertPathValidatorException {
List certs = certPath.getCertificates();
X509Certificate cert = (X509Certificate) certs.get(index);
//
// (j)
//
DERInteger iap = null;
try {
iap = DERInteger.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.INHIBIT_ANY_POLICY));
} catch (Exception e) {
throw new ExtCertPathValidatorException("Inhibit any-policy extension cannot be decoded.", e, certPath, index);
}
if (iap != null) {
int _inhibitAnyPolicy = iap.getValue().intValue();
if (_inhibitAnyPolicy < inhibitAnyPolicy) {
return _inhibitAnyPolicy;
}
}
return inhibitAnyPolicy;
}
use of org.bouncycastle.asn1.DERInteger in project XobotOS by xamarin.
the class PrivateKeyFactory method createKey.
/**
* Create a private key parameter from the passed in PKCS8 PrivateKeyInfo object.
*
* @param keyInfo the PrivateKeyInfo object containing the key material
* @return a suitable private key parameter
* @throws IOException on an error decoding the key
*/
public static AsymmetricKeyParameter createKey(PrivateKeyInfo keyInfo) throws IOException {
AlgorithmIdentifier algId = keyInfo.getAlgorithmId();
if (algId.getAlgorithm().equals(PKCSObjectIdentifiers.rsaEncryption)) {
RSAPrivateKeyStructure keyStructure = new RSAPrivateKeyStructure((ASN1Sequence) keyInfo.getPrivateKey());
return new RSAPrivateCrtKeyParameters(keyStructure.getModulus(), keyStructure.getPublicExponent(), keyStructure.getPrivateExponent(), keyStructure.getPrime1(), keyStructure.getPrime2(), keyStructure.getExponent1(), keyStructure.getExponent2(), keyStructure.getCoefficient());
} else // else if (algId.getObjectId().equals(X9ObjectIdentifiers.dhpublicnumber))
if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement)) {
DHParameter params = new DHParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters());
DERInteger derX = (DERInteger) keyInfo.getPrivateKey();
BigInteger lVal = params.getL();
int l = lVal == null ? 0 : lVal.intValue();
DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
return new DHPrivateKeyParameters(derX.getValue(), dhParams);
} else // END android-removed
if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa)) {
DERInteger derX = (DERInteger) keyInfo.getPrivateKey();
DEREncodable de = keyInfo.getAlgorithmId().getParameters();
DSAParameters parameters = null;
if (de != null) {
DSAParameter params = DSAParameter.getInstance(de.getDERObject());
parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
}
return new DSAPrivateKeyParameters(derX.getValue(), parameters);
} else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
X962Parameters params = new X962Parameters((DERObject) keyInfo.getAlgorithmId().getParameters());
ECDomainParameters dParams = null;
if (params.isNamedCurve()) {
DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters();
X9ECParameters ecP = X962NamedCurves.getByOID(oid);
if (ecP == null) {
ecP = SECNamedCurves.getByOID(oid);
if (ecP == null) {
ecP = NISTNamedCurves.getByOID(oid);
// BEGIN android-removed
// if (ecP == null)
// {
// ecP = TeleTrusTNamedCurves.getByOID(oid);
// }
// END android-removed
}
}
dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
} else {
X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters());
dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
}
ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) keyInfo.getPrivateKey());
return new ECPrivateKeyParameters(ec.getKey(), dParams);
} else {
throw new RuntimeException("algorithm identifier in key not recognised");
}
}
use of org.bouncycastle.asn1.DERInteger in project android_frameworks_base by AOSPA.
the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.
@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
ASN1ObjectIdentifier sigAlgOid;
AlgorithmIdentifier sigAlgId;
byte[] signature;
switch(mKeymasterAlgorithm) {
case KeymasterDefs.KM_ALGORITHM_EC:
sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
sigAlgId = new AlgorithmIdentifier(sigAlgOid);
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(new DERInteger(0));
signature = new DERSequence().getEncoded();
break;
case KeymasterDefs.KM_ALGORITHM_RSA:
sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
signature = new byte[1];
break;
default:
throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
}
try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
}
tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
tbsGenerator.setSubject(subject);
tbsGenerator.setIssuer(subject);
tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
tbsGenerator.setSignature(sigAlgId);
TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
ASN1EncodableVector result = new ASN1EncodableVector();
result.add(tbsCertificate);
result.add(sigAlgId);
result.add(new DERBitString(signature));
return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}
Aggregations