Search in sources :

Example 41 with DERObjectIdentifier

use of org.bouncycastle.asn1.DERObjectIdentifier in project XobotOS by xamarin.

the class X509CRLObject method toString.

/**
     * Returns a string representation of this CRL.
     *
     * @return a string representation of this CRL.
     */
public String toString() {
    StringBuffer buf = new StringBuffer();
    String nl = System.getProperty("line.separator");
    buf.append("              Version: ").append(this.getVersion()).append(nl);
    buf.append("             IssuerDN: ").append(this.getIssuerDN()).append(nl);
    buf.append("          This update: ").append(this.getThisUpdate()).append(nl);
    buf.append("          Next update: ").append(this.getNextUpdate()).append(nl);
    buf.append("  Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
    byte[] sig = this.getSignature();
    buf.append("            Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl);
    for (int i = 20; i < sig.length; i += 20) {
        if (i < sig.length - 20) {
            buf.append("                       ").append(new String(Hex.encode(sig, i, 20))).append(nl);
        } else {
            buf.append("                       ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl);
        }
    }
    X509Extensions extensions = c.getTBSCertList().getExtensions();
    if (extensions != null) {
        Enumeration e = extensions.oids();
        if (e.hasMoreElements()) {
            buf.append("           Extensions: ").append(nl);
        }
        while (e.hasMoreElements()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
            X509Extension ext = extensions.getExtension(oid);
            if (ext.getValue() != null) {
                byte[] octs = ext.getValue().getOctets();
                ASN1InputStream dIn = new ASN1InputStream(octs);
                buf.append("                       critical(").append(ext.isCritical()).append(") ");
                try {
                    if (oid.equals(X509Extensions.CRLNumber)) {
                        buf.append(new CRLNumber(DERInteger.getInstance(dIn.readObject()).getPositiveValue())).append(nl);
                    } else if (oid.equals(X509Extensions.DeltaCRLIndicator)) {
                        buf.append("Base CRL: " + new CRLNumber(DERInteger.getInstance(dIn.readObject()).getPositiveValue())).append(nl);
                    } else if (oid.equals(X509Extensions.IssuingDistributionPoint)) {
                        buf.append(new IssuingDistributionPoint((ASN1Sequence) dIn.readObject())).append(nl);
                    } else if (oid.equals(X509Extensions.CRLDistributionPoints)) {
                        buf.append(new CRLDistPoint((ASN1Sequence) dIn.readObject())).append(nl);
                    } else if (oid.equals(X509Extensions.FreshestCRL)) {
                        buf.append(new CRLDistPoint((ASN1Sequence) dIn.readObject())).append(nl);
                    } else {
                        buf.append(oid.getId());
                        buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
                    }
                } catch (Exception ex) {
                    buf.append(oid.getId());
                    buf.append(" value = ").append("*****").append(nl);
                }
            } else {
                buf.append(nl);
            }
        }
    }
    Set set = getRevokedCertificates();
    if (set != null) {
        Iterator it = set.iterator();
        while (it.hasNext()) {
            buf.append(it.next());
            buf.append(nl);
        }
    }
    return buf.toString();
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) Enumeration(java.util.Enumeration) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) HashSet(java.util.HashSet) Set(java.util.Set) X509Extension(org.bouncycastle.asn1.x509.X509Extension) CRLNumber(org.bouncycastle.asn1.x509.CRLNumber) X509Extensions(org.bouncycastle.asn1.x509.X509Extensions) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) SignatureException(java.security.SignatureException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CRLException(java.security.cert.CRLException) NoSuchProviderException(java.security.NoSuchProviderException) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) Iterator(java.util.Iterator) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)

Example 42 with DERObjectIdentifier

use of org.bouncycastle.asn1.DERObjectIdentifier in project XobotOS by xamarin.

the class X509V2AttributeCertificate method getExtensionOIDs.

private Set getExtensionOIDs(boolean critical) {
    X509Extensions extensions = cert.getAcinfo().getExtensions();
    if (extensions != null) {
        Set set = new HashSet();
        Enumeration e = extensions.oids();
        while (e.hasMoreElements()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
            X509Extension ext = extensions.getExtension(oid);
            if (ext.isCritical() == critical) {
                set.add(oid.getId());
            }
        }
        return set;
    }
    return null;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) Enumeration(java.util.Enumeration) X509Extension(org.bouncycastle.asn1.x509.X509Extension) X509Extensions(org.bouncycastle.asn1.x509.X509Extensions) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) HashSet(java.util.HashSet)

Example 43 with DERObjectIdentifier

use of org.bouncycastle.asn1.DERObjectIdentifier in project XobotOS by xamarin.

the class X509CertificateObject method getExtendedKeyUsage.

public List getExtendedKeyUsage() throws CertificateParsingException {
    byte[] bytes = this.getExtensionBytes("2.5.29.37");
    if (bytes != null) {
        try {
            ASN1InputStream dIn = new ASN1InputStream(bytes);
            ASN1Sequence seq = (ASN1Sequence) dIn.readObject();
            List list = new ArrayList();
            for (int i = 0; i != seq.size(); i++) {
                list.add(((DERObjectIdentifier) seq.getObjectAt(i)).getId());
            }
            return Collections.unmodifiableList(list);
        } catch (Exception e) {
            throw new CertificateParsingException("error processing extended key usage extension");
        }
    }
    return null;
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) CertificateParsingException(java.security.cert.CertificateParsingException) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList) CertificateExpiredException(java.security.cert.CertificateExpiredException) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CertificateEncodingException(java.security.cert.CertificateEncodingException) CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertificateParsingException(java.security.cert.CertificateParsingException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchProviderException(java.security.NoSuchProviderException)

Example 44 with DERObjectIdentifier

use of org.bouncycastle.asn1.DERObjectIdentifier in project XobotOS by xamarin.

the class PublicKeyFactory method createKey.

/**
     * Create a public key from the passed in SubjectPublicKeyInfo
     * 
     * @param keyInfo the SubjectPublicKeyInfo containing the key data
     * @return the appropriate key parameter
     * @throws IOException on an error decoding the key
     */
public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo) throws IOException {
    AlgorithmIdentifier algId = keyInfo.getAlgorithmId();
    if (algId.getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption) || algId.getObjectId().equals(X509ObjectIdentifiers.id_ea_rsa)) {
        RSAPublicKeyStructure pubKey = new RSAPublicKeyStructure((ASN1Sequence) keyInfo.getPublicKey());
        return new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent());
    } else if (algId.getObjectId().equals(X9ObjectIdentifiers.dhpublicnumber)) {
        DHPublicKey dhPublicKey = DHPublicKey.getInstance(keyInfo.getPublicKey());
        BigInteger y = dhPublicKey.getY().getValue();
        DHDomainParameters dhParams = DHDomainParameters.getInstance(keyInfo.getAlgorithmId().getParameters());
        BigInteger p = dhParams.getP().getValue();
        BigInteger g = dhParams.getG().getValue();
        BigInteger q = dhParams.getQ().getValue();
        BigInteger j = null;
        if (dhParams.getJ() != null) {
            j = dhParams.getJ().getValue();
        }
        DHValidationParameters validation = null;
        DHValidationParms dhValidationParms = dhParams.getValidationParms();
        if (dhValidationParms != null) {
            byte[] seed = dhValidationParms.getSeed().getBytes();
            BigInteger pgenCounter = dhValidationParms.getPgenCounter().getValue();
            // TODO Check pgenCounter size?
            validation = new DHValidationParameters(seed, pgenCounter.intValue());
        }
        return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation));
    } else if (algId.getObjectId().equals(PKCSObjectIdentifiers.dhKeyAgreement)) {
        DHParameter params = new DHParameter((ASN1Sequence) keyInfo.getAlgorithmId().getParameters());
        DERInteger derY = (DERInteger) keyInfo.getPublicKey();
        BigInteger lVal = params.getL();
        int l = lVal == null ? 0 : lVal.intValue();
        DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
        return new DHPublicKeyParameters(derY.getValue(), dhParams);
    } else // END android-removed
    if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa) || algId.getObjectId().equals(OIWObjectIdentifiers.dsaWithSHA1)) {
        DERInteger derY = (DERInteger) keyInfo.getPublicKey();
        DEREncodable de = keyInfo.getAlgorithmId().getParameters();
        DSAParameters parameters = null;
        if (de != null) {
            DSAParameter params = DSAParameter.getInstance(de.getDERObject());
            parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
        }
        return new DSAPublicKeyParameters(derY.getValue(), parameters);
    } else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_ecPublicKey)) {
        X962Parameters params = new X962Parameters((DERObject) keyInfo.getAlgorithmId().getParameters());
        ECDomainParameters dParams = null;
        if (params.isNamedCurve()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters();
            X9ECParameters ecP = X962NamedCurves.getByOID(oid);
            if (ecP == null) {
                ecP = SECNamedCurves.getByOID(oid);
                if (ecP == null) {
                    ecP = NISTNamedCurves.getByOID(oid);
                // BEGIN android-removed
                // if (ecP == null)
                // {
                //     ecP = TeleTrusTNamedCurves.getByOID(oid);
                // }
                // END android-removed
                }
            }
            dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
        } else {
            X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters());
            dParams = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
        }
        DERBitString bits = keyInfo.getPublicKeyData();
        byte[] data = bits.getBytes();
        ASN1OctetString key = new DEROctetString(data);
        X9ECPoint derQ = new X9ECPoint(dParams.getCurve(), key);
        return new ECPublicKeyParameters(derQ.getPoint(), dParams);
    } else {
        throw new RuntimeException("algorithm identifier in key not recognised");
    }
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DHPublicKeyParameters(org.bouncycastle.crypto.params.DHPublicKeyParameters) ECDomainParameters(org.bouncycastle.crypto.params.ECDomainParameters) DHPublicKey(org.bouncycastle.asn1.x9.DHPublicKey) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) DHValidationParms(org.bouncycastle.asn1.x9.DHValidationParms) ECPublicKeyParameters(org.bouncycastle.crypto.params.ECPublicKeyParameters) RSAKeyParameters(org.bouncycastle.crypto.params.RSAKeyParameters) DEROctetString(org.bouncycastle.asn1.DEROctetString) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERInteger(org.bouncycastle.asn1.DERInteger) X962Parameters(org.bouncycastle.asn1.x9.X962Parameters) RSAPublicKeyStructure(org.bouncycastle.asn1.x509.RSAPublicKeyStructure) DHValidationParameters(org.bouncycastle.crypto.params.DHValidationParameters) DSAParameter(org.bouncycastle.asn1.x509.DSAParameter) DHParameter(org.bouncycastle.asn1.pkcs.DHParameter) DSAPublicKeyParameters(org.bouncycastle.crypto.params.DSAPublicKeyParameters) DHParameters(org.bouncycastle.crypto.params.DHParameters) DERBitString(org.bouncycastle.asn1.DERBitString) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint) X9ECPoint(org.bouncycastle.asn1.x9.X9ECPoint) DEREncodable(org.bouncycastle.asn1.DEREncodable) BigInteger(java.math.BigInteger) DHDomainParameters(org.bouncycastle.asn1.x9.DHDomainParameters) DSAParameters(org.bouncycastle.crypto.params.DSAParameters)

Example 45 with DERObjectIdentifier

use of org.bouncycastle.asn1.DERObjectIdentifier in project nhin-d by DirectProject.

the class SMIMECryptographerImpl method createSignatureEntity.

protected MimeMultipart createSignatureEntity(byte[] entity, Collection<X509Certificate> signingCertificates) {
    MimeMultipart retVal = null;
    try {
        final MimeBodyPart signedContent = new MimeBodyPart(new ByteArrayInputStream(entity));
        final ASN1EncodableVector signedAttrs = new ASN1EncodableVector();
        final SMIMECapabilityVector caps = new SMIMECapabilityVector();
        caps.addCapability(SMIMECapability.dES_EDE3_CBC);
        caps.addCapability(SMIMECapability.rC2_CBC, 128);
        caps.addCapability(SMIMECapability.dES_CBC);
        caps.addCapability(new DERObjectIdentifier("1.2.840.113549.1.7.1"));
        caps.addCapability(x509CertificateObjectsIdent);
        signedAttrs.add(new SMIMECapabilitiesAttribute(caps));
        final List<X509Certificate> certList = new ArrayList<X509Certificate>();
        final DirectSignedDataGenerator generator = sigFactory.createInstance();
        for (X509Certificate signer : signingCertificates) {
            if (signer instanceof X509CertificateEx) {
                generator.addSigner(((X509CertificateEx) signer).getPrivateKey(), signer, this.m_digestAlgorithm.getOID(), createAttributeTable(signedAttrs), null);
                certList.add(signer);
            }
        }
        final CertStore certsAndcrls = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), CryptoExtensions.getJCEProviderNameForTypeAndAlgorithm("CertStore", "Collection"));
        generator.addCertificatesAndCRLs(certsAndcrls);
        final CMSProcessableBodyPart content = new CMSProcessableBodyPart(signedContent);
        final CMSSignedData signedData = generator.generate(content);
        final String header = "signed; protocol=\"application/pkcs7-signature\"; micalg=" + CryptoAlgorithmsHelper.toDigestAlgorithmMicalg(this.m_digestAlgorithm);
        //String encodedSig = Base64.encodeBase64String(signedData.getEncoded());
        final String encodedSig = StringUtils.newStringUtf8(Base64.encodeBase64(signedData.getEncoded(), true));
        retVal = new MimeMultipart(header.toString());
        final MimeBodyPart sig = new MimeBodyPart(new InternetHeaders(), encodedSig.getBytes("ASCII"));
        sig.addHeader("Content-Type", "application/pkcs7-signature; name=smime.p7s; smime-type=signed-data");
        sig.addHeader("Content-Disposition", "attachment; filename=\"smime.p7s\"");
        sig.addHeader("Content-Description", "S/MIME Cryptographic Signature");
        sig.addHeader("Content-Transfer-Encoding", "base64");
        retVal.addBodyPart(signedContent);
        retVal.addBodyPart(sig);
    } catch (MessagingException e) {
        throw new MimeException(MimeError.InvalidMimeEntity, e);
    } catch (IOException e) {
        throw new SignatureException(SignatureError.InvalidMultipartSigned, e);
    } catch (Exception e) {
        throw new NHINDException(MimeError.Unexpected, e);
    }
    return retVal;
}
Also used : InternetHeaders(javax.mail.internet.InternetHeaders) MessagingException(javax.mail.MessagingException) ArrayList(java.util.ArrayList) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) IOException(java.io.IOException) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) CMSSignedData(org.bouncycastle.cms.CMSSignedData) NHINDException(org.nhindirect.stagent.NHINDException) X509Certificate(java.security.cert.X509Certificate) MessagingException(javax.mail.MessagingException) MimeException(org.nhindirect.stagent.mail.MimeException) NHINDException(org.nhindirect.stagent.NHINDException) ParseException(javax.mail.internet.ParseException) IOException(java.io.IOException) SignatureValidationException(org.nhindirect.stagent.SignatureValidationException) CMSProcessableBodyPart(org.bouncycastle.mail.smime.CMSProcessableBodyPart) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) MimeMultipart(javax.mail.internet.MimeMultipart) ByteArrayInputStream(java.io.ByteArrayInputStream) SMIMECapabilityVector(org.bouncycastle.asn1.smime.SMIMECapabilityVector) X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) MimeException(org.nhindirect.stagent.mail.MimeException) MimeBodyPart(javax.mail.internet.MimeBodyPart) DirectSignedDataGenerator(org.nhindirect.stagent.cryptography.activekeyops.DirectSignedDataGenerator) SMIMECapabilitiesAttribute(org.bouncycastle.asn1.smime.SMIMECapabilitiesAttribute) CertStore(java.security.cert.CertStore)

Aggregations

DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)43 IOException (java.io.IOException)22 ArrayList (java.util.ArrayList)22 HashSet (java.util.HashSet)21 List (java.util.List)21 Set (java.util.Set)21 Enumeration (java.util.Enumeration)18 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)16 X509Certificate (java.security.cert.X509Certificate)13 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)11 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)11 DEREncodable (org.bouncycastle.asn1.DEREncodable)10 DERObject (org.bouncycastle.asn1.DERObject)10 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)9 Iterator (java.util.Iterator)8 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)8 X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)8 X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)8 HashMap (java.util.HashMap)7 Map (java.util.Map)7