use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.
the class PEMInputOutput method derivePrivateKeyPBES2.
private static PrivateKey derivePrivateKeyPBES2(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, InvalidCipherTextException {
PBES2Parameters pbeParams = PBES2Parameters.getInstance((ASN1Sequence) algId.getParameters());
CipherParameters cipherParams = extractPBES2CipherParams(password, pbeParams);
EncryptionScheme scheme = pbeParams.getEncryptionScheme();
BufferedBlockCipher cipher;
if (scheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC)) {
RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme);
byte[] iv = rc2Params.getIV();
CipherParameters param = new ParametersWithIV(cipherParams, iv);
cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
cipher.init(false, param);
} else {
byte[] iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
CipherParameters param = new ParametersWithIV(cipherParams, iv);
cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
cipher.init(false, param);
}
byte[] data = eIn.getEncryptedData();
byte[] out = new byte[cipher.getOutputSize(data.length)];
int len = cipher.processBytes(data, 0, data.length, out, 0);
len += cipher.doFinal(out, len);
byte[] pkcs8 = new byte[len];
System.arraycopy(out, 0, pkcs8, 0, len);
// It seems to work for both RSA and DSA.
KeyFactory fact = SecurityHelper.getKeyFactory("RSA");
return fact.generatePrivate(new PKCS8EncodedKeySpec(pkcs8));
}
use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.
the class PEMInputOutput method derivePrivateKeyPBES1.
private static PrivateKey derivePrivateKeyPBES1(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, IOException {
// From BC's PEMReader
PKCS12PBEParams pkcs12Params = PKCS12PBEParams.getInstance(algId.getParameters());
PBEKeySpec pbeSpec = new PBEKeySpec(password);
PBEParameterSpec pbeParams = new PBEParameterSpec(pkcs12Params.getIV(), pkcs12Params.getIterations().intValue());
String algorithm = ASN1Registry.o2a(algId.getAlgorithm());
algorithm = (algorithm.split("-"))[0];
SecretKeyFactory secKeyFactory = SecurityHelper.getSecretKeyFactory(algorithm);
Cipher cipher = SecurityHelper.getCipher(algorithm);
cipher.init(Cipher.DECRYPT_MODE, secKeyFactory.generateSecret(pbeSpec), pbeParams);
PrivateKeyInfo pInfo = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(cipher.doFinal(eIn.getEncryptedData())));
KeyFactory keyFactory = getKeyFactory(pInfo.getPrivateKeyAlgorithm());
return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(pInfo.getEncoded()));
}
use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.
the class PKey method readECPrivateKey.
public static KeyPair readECPrivateKey(final KeyFactory ecFactory, final byte[] input) throws IOException, InvalidKeySpecException {
try {
ECPrivateKeyStructure pKey = new ECPrivateKeyStructure((ASN1Sequence) ASN1Primitive.fromByteArray(input));
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParameters());
PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey.toASN1Primitive());
SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(algId, pKey.getPublicKey().getBytes());
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(privInfo.getEncoded());
X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
// KeyFactory fact = KeyFactory.getInstance("ECDSA", provider);
ECPrivateKey privateKey = (ECPrivateKey) ecFactory.generatePrivate(privSpec);
if (algId.getParameters() instanceof ASN1ObjectIdentifier) {
privateKey = ECPrivateKeyWithName.wrap(privateKey, (ASN1ObjectIdentifier) algId.getParameters());
}
return new KeyPair(ecFactory.generatePublic(pubSpec), privateKey);
} catch (ClassCastException ex) {
throw new IOException("wrong ASN.1 object found in stream", ex);
}
// catch (Exception ex) {
// throw new IOException("problem parsing EC private key: " + ex);
// }
}
use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.
the class RecipInfo method set.
/**
* c: PKCS7_RECIP_INFO_set
*/
public void set(X509AuxCertificate cert) throws PKCS7Exception {
version = 0;
X500Name issuer = X500Name.getInstance(cert.getIssuerX500Principal().getEncoded());
BigInteger serial = cert.getSerialNumber();
issuerAndSerial = new IssuerAndSerialNumber(issuer, serial);
String algo = addEncryptionIfNeeded(cert.getPublicKey().getAlgorithm());
keyEncAlgor = new AlgorithmIdentifier(ASN1Registry.sym2oid(algo));
this.cert = cert;
}
use of org.bouncycastle.asn1.x509.AlgorithmIdentifier in project jruby-openssl by jruby.
the class Signed method algorithmIdentifiersFromASN1Set.
private static Set<AlgorithmIdentifier> algorithmIdentifiersFromASN1Set(ASN1Encodable content) {
ASN1Set set = (ASN1Set) content;
Set<AlgorithmIdentifier> result = new HashSet<AlgorithmIdentifier>();
for (Enumeration<?> e = set.getObjects(); e.hasMoreElements(); ) {
result.add(AlgorithmIdentifier.getInstance(e.nextElement()));
}
return result;
}
Aggregations