Search in sources :

Example 51 with AlgorithmIdentifier

use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.

the class AlgorithmUtil method isPlainECDSASigAlg.

// CHECKSTYLE:SKIP
public static boolean isPlainECDSASigAlg(AlgorithmIdentifier algId) {
    ParamUtil.requireNonNull("algId", algId);
    ASN1ObjectIdentifier oid = algId.getAlgorithm();
    if (BSIObjectIdentifiers.ecdsa_plain_SHA1.equals(oid) || BSIObjectIdentifiers.ecdsa_plain_SHA224.equals(oid) || BSIObjectIdentifiers.ecdsa_plain_SHA256.equals(oid) || BSIObjectIdentifiers.ecdsa_plain_SHA384.equals(oid) || BSIObjectIdentifiers.ecdsa_plain_SHA512.equals(oid)) {
        return true;
    }
    return false;
}
Also used : ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 52 with AlgorithmIdentifier

use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.

the class AlgorithmUtil method getMacAlgId.

public static AlgorithmIdentifier getMacAlgId(String macAlgName) throws NoSuchAlgorithmException {
    ParamUtil.requireNonNull("macAlgName", macAlgName);
    String algoS = macAlgName.toUpperCase();
    algoS = canonicalizeAlgoText(algoS);
    ASN1ObjectIdentifier oid = macAlgNameToOidMap.get(algoS);
    if (oid == null) {
        throw new NoSuchAlgorithmException("unsupported signature algorithm " + algoS);
    }
    return new AlgorithmIdentifier(oid, DERNull.INSTANCE);
}
Also used : NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 53 with AlgorithmIdentifier

use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.

the class AlgorithmUtil method getRSASigAlgId.

// CHECKSTYLE:SKIP
private static AlgorithmIdentifier getRSASigAlgId(HashAlgo hashAlgo, boolean mgf1) throws NoSuchAlgorithmException {
    ParamUtil.requireNonNull("hashAlgo", hashAlgo);
    if (mgf1) {
        return buildRSAPSSAlgId(hashAlgo);
    }
    ASN1ObjectIdentifier sigAlgOid = digestToRSASigAlgMap.get(hashAlgo);
    if (sigAlgOid == null) {
        throw new NoSuchAlgorithmException("unsupported hash " + hashAlgo + " for RSA key");
    }
    return new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
}
Also used : NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 54 with AlgorithmIdentifier

use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.

the class KeyUtil method createECPublicKey.

// CHECKSTYLE:SKIP
public static ECPublicKey createECPublicKey(byte[] encodedAlgorithmIdParameters, byte[] encodedPoint) throws InvalidKeySpecException {
    ParamUtil.requireNonNull("encodedAlgorithmIdParameters", encodedAlgorithmIdParameters);
    ParamUtil.requireNonNull("encodedPoint", encodedPoint);
    ASN1Encodable algParams;
    if (encodedAlgorithmIdParameters[0] == 6) {
        algParams = ASN1ObjectIdentifier.getInstance(encodedAlgorithmIdParameters);
    } else {
        algParams = X962Parameters.getInstance(encodedAlgorithmIdParameters);
    }
    AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, algParams);
    SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo(algId, encodedPoint);
    X509EncodedKeySpec keySpec;
    try {
        keySpec = new X509EncodedKeySpec(spki.getEncoded());
    } catch (IOException ex) {
        throw new InvalidKeySpecException(ex.getMessage(), ex);
    }
    KeyFactory kf;
    try {
        kf = KeyFactory.getInstance("EC", "BC");
    } catch (NoSuchAlgorithmException | NoSuchProviderException ex) {
        throw new InvalidKeySpecException(ex.getMessage(), ex);
    }
    return (ECPublicKey) kf.generatePublic(keySpec);
}
Also used : ECPublicKey(java.security.interfaces.ECPublicKey) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) IOException(java.io.IOException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) KeyFactory(java.security.KeyFactory) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 55 with AlgorithmIdentifier

use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project xipki by xipki.

the class SignerUtil method createPSSRSASigner.

// CHECKSTYLE:SKIP
public static PSSSigner createPSSRSASigner(AlgorithmIdentifier sigAlgId, AsymmetricBlockCipher cipher) throws XiSecurityException {
    ParamUtil.requireNonNull("sigAlgId", sigAlgId);
    if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
        throw new XiSecurityException("signature algorithm " + sigAlgId.getAlgorithm() + " is not allowed");
    }
    AlgorithmIdentifier digAlgId;
    try {
        digAlgId = AlgorithmUtil.extractDigesetAlgFromSigAlg(sigAlgId);
    } catch (NoSuchAlgorithmException ex) {
        throw new XiSecurityException(ex.getMessage(), ex);
    }
    RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters());
    AlgorithmIdentifier mfgDigAlgId = AlgorithmIdentifier.getInstance(param.getMaskGenAlgorithm().getParameters());
    Digest dig = getDigest(digAlgId);
    Digest mfgDig = getDigest(mfgDigAlgId);
    int saltSize = param.getSaltLength().intValue();
    int trailerField = param.getTrailerField().intValue();
    AsymmetricBlockCipher tmpCipher = (cipher == null) ? new RSABlindedEngine() : cipher;
    return new PSSSigner(tmpCipher, dig, mfgDig, saltSize, getTrailer(trailerField));
}
Also used : XiSecurityException(org.xipki.security.exception.XiSecurityException) Digest(org.bouncycastle.crypto.Digest) RSABlindedEngine(org.bouncycastle.crypto.engines.RSABlindedEngine) RSASSAPSSparams(org.bouncycastle.asn1.pkcs.RSASSAPSSparams) PSSSigner(org.bouncycastle.crypto.signers.PSSSigner) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) AsymmetricBlockCipher(org.bouncycastle.crypto.AsymmetricBlockCipher)

Aggregations

AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)117 IOException (java.io.IOException)54 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)50 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)41 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)40 SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)36 DERSequence (org.bouncycastle.asn1.DERSequence)34 BigInteger (java.math.BigInteger)30 X500Name (org.bouncycastle.asn1.x500.X500Name)30 X509Certificate (java.security.cert.X509Certificate)29 DEROctetString (org.bouncycastle.asn1.DEROctetString)29 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)26 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)21 Date (java.util.Date)20 KeyPair (java.security.KeyPair)19 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)19 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)19 ContentSigner (org.bouncycastle.operator.ContentSigner)17 KeyPairGenerator (java.security.KeyPairGenerator)15 CertificateEncodingException (java.security.cert.CertificateEncodingException)15