Example 11 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project robovm by robovm.
the class DefaultSignatureAlgorithmIdentifierFinder method generate.
private static AlgorithmIdentifier generate(String signatureAlgorithm) {
AlgorithmIdentifier sigAlgId;
AlgorithmIdentifier encAlgId;
AlgorithmIdentifier digAlgId;
String algorithmName = Strings.toUpperCase(signatureAlgorithm);
ASN1ObjectIdentifier sigOID = (ASN1ObjectIdentifier) algorithms.get(algorithmName);
if (sigOID == null) {
throw new IllegalArgumentException("Unknown signature type requested: " + algorithmName);
}
if (noParams.contains(sigOID)) {
sigAlgId = new AlgorithmIdentifier(sigOID);
} else if (params.containsKey(algorithmName)) {
sigAlgId = new AlgorithmIdentifier(sigOID, (ASN1Encodable) params.get(algorithmName));
} else {
sigAlgId = new AlgorithmIdentifier(sigOID, DERNull.INSTANCE);
}
if (pkcs15RsaEncryption.contains(sigOID)) {
encAlgId = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
} else {
encAlgId = sigAlgId;
}
if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) {
digAlgId = ((RSASSAPSSparams) sigAlgId.getParameters()).getHashAlgorithm();
} else {
digAlgId = new AlgorithmIdentifier((ASN1ObjectIdentifier) digestOids.get(sigOID), DERNull.INSTANCE);
}
return sigAlgId;
}
Also used :
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 12 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project robovm by robovm.
the class CertUtils method generateAttrStructure.
private static AttributeCertificate generateAttrStructure(AttributeCertificateInfo attrInfo, AlgorithmIdentifier sigAlgId, byte[] signature) {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(attrInfo);
v.add(sigAlgId);
v.add(new DERBitString(signature));
return AttributeCertificate.getInstance(new DERSequence(v));
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
DERBitString(org.bouncycastle.asn1.DERBitString)
Example 13 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project robovm by robovm.
the class CertUtils method generateStructure.
private static Certificate generateStructure(TBSCertificate tbsCert, AlgorithmIdentifier sigAlgId, byte[] signature) {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(tbsCert);
v.add(sigAlgId);
v.add(new DERBitString(signature));
return Certificate.getInstance(new DERSequence(v));
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
DERBitString(org.bouncycastle.asn1.DERBitString)
Example 14 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project robovm by robovm.
the class CertUtils method generateCRLStructure.
private static CertificateList generateCRLStructure(TBSCertList tbsCertList, AlgorithmIdentifier sigAlgId, byte[] signature) {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(tbsCertList);
v.add(sigAlgId);
v.add(new DERBitString(signature));
return CertificateList.getInstance(new DERSequence(v));
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
DERBitString(org.bouncycastle.asn1.DERBitString)
Example 15 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project robovm by robovm.
the class X509AttributeCertificateHolder method isSignatureValid.
/**
* Validate the signature on the attribute certificate in this holder.
*
* @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature.
* @return true if the signature is valid, false otherwise.
* @throws CertException if the signature cannot be processed or is inappropriate.
*/
public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException {
AttributeCertificateInfo acinfo = attrCert.getAcinfo();
if (!CertUtils.isAlgIdEqual(acinfo.getSignature(), attrCert.getSignatureAlgorithm())) {
throw new CertException("signature invalid - algorithm identifier mismatch");
}
ContentVerifier verifier;
try {
verifier = verifierProvider.get((acinfo.getSignature()));
OutputStream sOut = verifier.getOutputStream();
DEROutputStream dOut = new DEROutputStream(sOut);
dOut.writeObject(acinfo);
sOut.close();
} catch (Exception e) {
throw new CertException("unable to process signature: " + e.getMessage(), e);
}
return verifier.verify(attrCert.getSignatureValue().getBytes());
}
Also used :
AttributeCertificateInfo(org.bouncycastle.asn1.x509.AttributeCertificateInfo)
ContentVerifier(org.bouncycastle.operator.ContentVerifier)
OutputStream(java.io.OutputStream)
DEROutputStream(org.bouncycastle.asn1.DEROutputStream)
IOException(java.io.IOException)
DEROutputStream(org.bouncycastle.asn1.DEROutputStream)
Aggregations
IOException (java.io.IOException)58
DERIA5String (org.bouncycastle.asn1.DERIA5String)36
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)31
DERBitString (org.bouncycastle.asn1.DERBitString)31
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)30
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)30
InvalidKeyException (java.security.InvalidKeyException)28
X509Certificate (java.security.cert.X509Certificate)28
SignatureException (java.security.SignatureException)27
DERSequence (org.bouncycastle.asn1.DERSequence)26
PublicKey (java.security.PublicKey)25
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)23
DEROctetString (org.bouncycastle.asn1.DEROctetString)22
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)22
Signature (java.security.Signature)21
CertificateException (java.security.cert.CertificateException)21
BigInteger (java.math.BigInteger)20
OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)19
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)18
NoSuchProviderException (java.security.NoSuchProviderException)16
