Example 41 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project xipki by xipki.
the class AlgorithmUtil method extractDigesetAlgFromSigAlg.
public static AlgorithmIdentifier extractDigesetAlgFromSigAlg(AlgorithmIdentifier sigAlgId) throws NoSuchAlgorithmException {
ASN1ObjectIdentifier algOid = sigAlgId.getAlgorithm();
ASN1ObjectIdentifier digestAlgOid;
if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(algOid)) {
ASN1Encodable asn1Encodable = sigAlgId.getParameters();
RSASSAPSSparams param = RSASSAPSSparams.getInstance(asn1Encodable);
digestAlgOid = param.getHashAlgorithm().getAlgorithm();
} else {
HashAlgo digestAlg = sigAlgOidToDigestMap.get(algOid);
if (digestAlg == null) {
throw new NoSuchAlgorithmException("unknown signature algorithm " + algOid.getId());
}
digestAlgOid = digestAlg.getOid();
}
return new AlgorithmIdentifier(digestAlgOid, DERNull.INSTANCE);
}
Also used :
HashAlgo(org.xipki.security.HashAlgo)
RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 42 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project xipki by xipki.
the class AlgorithmUtil method getSigOrMacAlgoCode.
// method getHashOutputSizeInOctets
public static AlgorithmCode getSigOrMacAlgoCode(AlgorithmIdentifier algId) throws NoSuchAlgorithmException {
ASN1ObjectIdentifier oid = algId.getAlgorithm();
AlgorithmCode code = algOidToCodeMap.get(oid);
if (code != null) {
return code;
}
if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(oid)) {
RSASSAPSSparams param = RSASSAPSSparams.getInstance(algId.getParameters());
ASN1ObjectIdentifier digestAlgOid = param.getHashAlgorithm().getAlgorithm();
code = digestToMgf1AlgCodeMap.get(digestAlgOid);
if (code == null) {
throw new NoSuchAlgorithmException("unsupported digest algorithm " + digestAlgOid);
}
return code;
} else {
throw new NoSuchAlgorithmException("unsupported signature algorithm " + oid.getId());
}
}
Also used :
RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmCode(org.xipki.security.AlgorithmCode)
Example 43 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project xipki by xipki.
the class AlgorithmUtil method getMacAlgId.
public static AlgorithmIdentifier getMacAlgId(String macAlgName) throws NoSuchAlgorithmException {
ParamUtil.requireNonNull("macAlgName", macAlgName);
String algoS = macAlgName.toUpperCase();
algoS = canonicalizeAlgoText(algoS);
ASN1ObjectIdentifier oid = macAlgNameToOidMap.get(algoS);
if (oid == null) {
throw new NoSuchAlgorithmException("unsupported signature algorithm " + algoS);
}
return new AlgorithmIdentifier(oid, DERNull.INSTANCE);
}
Also used :
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 44 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project xipki by xipki.
the class SignerUtil method dsaSigPlainToX962.
// CHECKSTYLE:SKIP
public static byte[] dsaSigPlainToX962(byte[] signature) throws XiSecurityException {
ParamUtil.requireNonNull("signature", signature);
if (signature.length % 2 != 0) {
throw new XiSecurityException("signature.lenth must be even, but is odd");
}
byte[] ba = new byte[signature.length / 2];
ASN1EncodableVector sigder = new ASN1EncodableVector();
System.arraycopy(signature, 0, ba, 0, ba.length);
sigder.add(new ASN1Integer(new BigInteger(1, ba)));
System.arraycopy(signature, ba.length, ba, 0, ba.length);
sigder.add(new ASN1Integer(new BigInteger(1, ba)));
DERSequence seq = new DERSequence(sigder);
try {
return seq.getEncoded();
} catch (IOException ex) {
throw new XiSecurityException("IOException, message: " + ex.getMessage(), ex);
}
}
Also used :
XiSecurityException(org.xipki.security.exception.XiSecurityException)
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
BigInteger(java.math.BigInteger)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
IOException(java.io.IOException)
Example 45 with Signature
use of org.bouncycastle.asn1.ocsp.Signature in project xipki by xipki.
the class SignerUtil method createPSSRSASigner.
// CHECKSTYLE:SKIP
public static PSSSigner createPSSRSASigner(AlgorithmIdentifier sigAlgId, AsymmetricBlockCipher cipher) throws XiSecurityException {
ParamUtil.requireNonNull("sigAlgId", sigAlgId);
if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
throw new XiSecurityException("signature algorithm " + sigAlgId.getAlgorithm() + " is not allowed");
}
AlgorithmIdentifier digAlgId;
try {
digAlgId = AlgorithmUtil.extractDigesetAlgFromSigAlg(sigAlgId);
} catch (NoSuchAlgorithmException ex) {
throw new XiSecurityException(ex.getMessage(), ex);
}
RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters());
AlgorithmIdentifier mfgDigAlgId = AlgorithmIdentifier.getInstance(param.getMaskGenAlgorithm().getParameters());
Digest dig = getDigest(digAlgId);
Digest mfgDig = getDigest(mfgDigAlgId);
int saltSize = param.getSaltLength().intValue();
int trailerField = param.getTrailerField().intValue();
AsymmetricBlockCipher tmpCipher = (cipher == null) ? new RSABlindedEngine() : cipher;
return new PSSSigner(tmpCipher, dig, mfgDig, saltSize, getTrailer(trailerField));
}
Also used :
XiSecurityException(org.xipki.security.exception.XiSecurityException)
Digest(org.bouncycastle.crypto.Digest)
RSABlindedEngine(org.bouncycastle.crypto.engines.RSABlindedEngine)
RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams)
PSSSigner(org.bouncycastle.crypto.signers.PSSSigner)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
AsymmetricBlockCipher(org.bouncycastle.crypto.AsymmetricBlockCipher)
Aggregations
IOException (java.io.IOException)58
DERIA5String (org.bouncycastle.asn1.DERIA5String)36
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)31
DERBitString (org.bouncycastle.asn1.DERBitString)31
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)30
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)30
InvalidKeyException (java.security.InvalidKeyException)28
X509Certificate (java.security.cert.X509Certificate)28
SignatureException (java.security.SignatureException)27
DERSequence (org.bouncycastle.asn1.DERSequence)26
PublicKey (java.security.PublicKey)25
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)23
DEROctetString (org.bouncycastle.asn1.DEROctetString)22
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)22
Signature (java.security.Signature)21
CertificateException (java.security.cert.CertificateException)21
BigInteger (java.math.BigInteger)20
OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)19
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)18
NoSuchProviderException (java.security.NoSuchProviderException)16
