Example 26 with org.bouncycastle.asn1.x509
use of org.bouncycastle.asn1.x509 in project robovm by robovm.
the class BCECPrivateKey method getEncoded.
/**
* Return a PKCS8 representation of the key. The sequence returned
* represents a full PrivateKeyInfo object.
*
* @return a PKCS8 representation of the key.
*/
public byte[] getEncoded() {
X962Parameters params;
if (ecSpec instanceof ECNamedCurveSpec) {
DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec) ecSpec).getName());
if (// guess it's the OID
curveOid == null) {
curveOid = new DERObjectIdentifier(((ECNamedCurveSpec) ecSpec).getName());
}
params = new X962Parameters(curveOid);
} else if (ecSpec == null) {
params = new X962Parameters(DERNull.INSTANCE);
} else {
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(curve, EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed());
params = new X962Parameters(ecP);
}
PrivateKeyInfo info;
org.bouncycastle.asn1.sec.ECPrivateKey keyStructure;
if (publicKey != null) {
keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(this.getS(), publicKey, params);
} else {
keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(this.getS(), params);
}
try {
// BEGIN android-removed
// if (algorithm.equals("ECGOST3410"))
// {
// info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
// }
// else
// END android-removed
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
}
return info.getEncoded(ASN1Encoding.DER);
} catch (IOException e) {
return null;
}
}
Also used :
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
ECCurve(org.bouncycastle.math.ec.ECCurve)
IOException(java.io.IOException)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 27 with org.bouncycastle.asn1.x509
use of org.bouncycastle.asn1.x509 in project robovm by robovm.
the class X509V1CertificateGenerator method generate.
/**
* generate an X509 certificate, based on the current issuer and subject
* using the default provider and the passed in source of randomness
* <p>
* <b>Note:</b> this differs from the deprecated method in that the default provider is
* used - not "BC".
* </p>
*/
public X509Certificate generate(PrivateKey key, SecureRandom random) throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
TBSCertificate tbsCert = tbsGen.generateTBSCertificate();
byte[] signature;
try {
signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, key, random, tbsCert);
} catch (IOException e) {
throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
}
return generateJcaObject(tbsCert, signature);
}
Also used :
IOException(java.io.IOException)
TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate)
Example 28 with org.bouncycastle.asn1.x509
use of org.bouncycastle.asn1.x509 in project robovm by robovm.
the class X509V3CertificateGenerator method generate.
/**
* generate an X509 certificate, based on the current issuer and subject
* using the default provider, and the passed in source of randomness
* (if required).
* <p>
* <b>Note:</b> this differs from the deprecated method in that the default provider is
* used - not "BC".
* </p>
*/
public X509Certificate generate(PrivateKey key, SecureRandom random) throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
TBSCertificate tbsCert = generateTbsCert();
byte[] signature;
try {
signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, key, random, tbsCert);
} catch (IOException e) {
throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
}
try {
return generateJcaObject(tbsCert, signature);
} catch (CertificateParsingException e) {
throw new ExtCertificateEncodingException("exception producing certificate object", e);
}
}
Also used :
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate)
Example 29 with org.bouncycastle.asn1.x509
use of org.bouncycastle.asn1.x509 in project robovm by robovm.
the class X509V3CertificateGenerator method generate.
/**
* generate an X509 certificate, based on the current issuer and subject,
* using the passed in provider for the signing and the supplied source
* of randomness, if required.
*/
public X509Certificate generate(PrivateKey key, String provider, SecureRandom random) throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
TBSCertificate tbsCert = generateTbsCert();
byte[] signature;
try {
signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCert);
} catch (IOException e) {
throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
}
try {
return generateJcaObject(tbsCert, signature);
} catch (CertificateParsingException e) {
throw new ExtCertificateEncodingException("exception producing certificate object", e);
}
}
Also used :
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate)
Example 30 with org.bouncycastle.asn1.x509
use of org.bouncycastle.asn1.x509 in project robovm by robovm.
the class X509CRLObject method isRevoked.
/**
* Checks whether the given certificate is on this CRL.
*
* @param cert the certificate to check for.
* @return true if the given certificate is on this CRL,
* false otherwise.
*/
public boolean isRevoked(Certificate cert) {
if (!cert.getType().equals("X.509")) {
throw new RuntimeException("X.509 CRL used with non X.509 Cert");
}
TBSCertList.CRLEntry[] certs = c.getRevokedCertificates();
X500Name caName = c.getIssuer();
if (certs != null) {
BigInteger serial = ((X509Certificate) cert).getSerialNumber();
for (int i = 0; i < certs.length; i++) {
if (isIndirect && certs[i].hasExtensions()) {
Extension currentCaName = certs[i].getExtensions().getExtension(Extension.certificateIssuer);
if (currentCaName != null) {
caName = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
}
}
if (certs[i].getUserCertificate().getValue().equals(serial)) {
X500Name issuer;
if (cert instanceof X509Certificate) {
issuer = X500Name.getInstance(((X509Certificate) cert).getIssuerX500Principal().getEncoded());
} else {
try {
issuer = org.bouncycastle.asn1.x509.Certificate.getInstance(cert.getEncoded()).getIssuer();
} catch (CertificateEncodingException e) {
throw new RuntimeException("Cannot process certificate");
}
}
if (!caName.equals(issuer)) {
return false;
}
return true;
}
}
}
return false;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
BigInteger(java.math.BigInteger)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
X509CRLEntry(java.security.cert.X509CRLEntry)
X500Name(org.bouncycastle.asn1.x500.X500Name)
X509Certificate(java.security.cert.X509Certificate)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
Aggregations
IOException (java.io.IOException)81
X509Certificate (java.security.cert.X509Certificate)61
X500Name (org.bouncycastle.asn1.x500.X500Name)43
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)39
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)36
BigInteger (java.math.BigInteger)34
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)33
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)31
DEROctetString (org.bouncycastle.asn1.DEROctetString)31
DERIA5String (org.bouncycastle.asn1.DERIA5String)28
Date (java.util.Date)27
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)26
ArrayList (java.util.ArrayList)25
CertificateEncodingException (java.security.cert.CertificateEncodingException)24
CertificateException (java.security.cert.CertificateException)24
GeneralName (org.bouncycastle.asn1.x509.GeneralName)24
ByteArrayInputStream (java.io.ByteArrayInputStream)23
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)23
PrivateKey (java.security.PrivateKey)21
GeneralSecurityException (java.security.GeneralSecurityException)20
