
Example 11 with DERSequence

use of org.gudy.bouncycastle.asn1.DERSequence in project XobotOS by xamarin.

the class X509Name method toASN1Object.

public DERObject toASN1Object() {
    if (seq == null) {
        ASN1EncodableVector vec = new ASN1EncodableVector();
        ASN1EncodableVector sVec = new ASN1EncodableVector();
        DERObjectIdentifier lstOid = null;
        for (int i = 0; i != ordering.size(); i++) {
            ASN1EncodableVector v = new ASN1EncodableVector();
            DERObjectIdentifier oid = (DERObjectIdentifier) ordering.elementAt(i);
            v.add(oid);
            String str = (String) values.elementAt(i);
            v.add(converter.getConvertedValue(oid, str));
            if (lstOid == null || ((Boolean) this.added.elementAt(i)).booleanValue()) {
                sVec.add(new DERSequence(v));
            } else {
                vec.add(new DERSet(sVec));
                sVec = new ASN1EncodableVector();
                sVec.add(new DERSequence(v));
            }
            lstOid = oid;
        }
        vec.add(new DERSet(sVec));
        seq = new DERSequence(vec);
    }
    return seq;
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERString(org.bouncycastle.asn1.DERString) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) DERSet(org.bouncycastle.asn1.DERSet)

Example 12 with DERSequence

use of org.gudy.bouncycastle.asn1.DERSequence in project android_frameworks_base by AOSPA.

the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.

@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
    V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
    ASN1ObjectIdentifier sigAlgOid;
    AlgorithmIdentifier sigAlgId;
    byte[] signature;
    switch(mKeymasterAlgorithm) {
        case KeymasterDefs.KM_ALGORITHM_EC:
            sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid);
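            // Note: v is populated but never passed to DERSequence, so the
            // placeholder signature below is the encoding of an empty SEQUENCE.
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new DERInteger(0));
            v.add(new DERInteger(0));
            signature = new DERSequence().getEncoded();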
            break;
        case KeymasterDefs.KM_ALGORITHM_RSA:
            sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
            signature = new byte[1];
            break;
        default:
            throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
    }
    try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
        tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
    }
    tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
    X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
    tbsGenerator.setSubject(subject);
    tbsGenerator.setIssuer(subject);
    tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
    tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
    tbsGenerator.setSignature(sigAlgId);
    TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
    ASN1EncodableVector result = new ASN1EncodableVector();
    result.add(tbsCertificate);
    result.add(sigAlgId);
    result.add(new DERBitString(signature));
    return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ProviderException(java.security.ProviderException) Time(com.android.org.bouncycastle.asn1.x509.Time) DERBitString(com.android.org.bouncycastle.asn1.DERBitString) ASN1Integer(com.android.org.bouncycastle.asn1.ASN1Integer) AlgorithmIdentifier(com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERInteger(com.android.org.bouncycastle.asn1.DERInteger) DERSequence(com.android.org.bouncycastle.asn1.DERSequence) X509CertificateObject(com.android.org.bouncycastle.jce.provider.X509CertificateObject) X509Principal(com.android.org.bouncycastle.jce.X509Principal) ASN1EncodableVector(com.android.org.bouncycastle.asn1.ASN1EncodableVector) V3TBSCertificateGenerator(com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator) TBSCertificate(com.android.org.bouncycastle.asn1.x509.TBSCertificate) ASN1ObjectIdentifier(com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 13 with DERSequence

use of org.gudy.bouncycastle.asn1.DERSequence in project wildfly by wildfly.

the class KerberosTestUtils method generateSpnegoTokenResp.

/**
 * Generates SPNEGO response (to a "select mechanism challenge") with given bytes as the ticket for selected mechanism.
 *
 * @param ticket
 * @return ASN.1 encoded SPNEGO response
 */
public static byte[] generateSpnegoTokenResp(byte[] ticket) throws IOException {
    DEROctetString ourKerberosTicket = new DEROctetString(ticket);
    // accept-incomplete
    DERTaggedObject taggedNegState = new DERTaggedObject(0, new ASN1Enumerated(1));
    DERTaggedObject taggedResponseToken = new DERTaggedObject(2, ourKerberosTicket);
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(taggedNegState);
    v.add(taggedResponseToken);
    DERSequence seqNegTokenResp = new DERSequence(v);
    DERTaggedObject taggedSpnego = new DERTaggedObject(1, seqNegTokenResp);
    return taggedSpnego.getEncoded();
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1Enumerated(org.bouncycastle.asn1.ASN1Enumerated) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Example 14 with DERSequence

use of org.gudy.bouncycastle.asn1.DERSequence in project oxAuth by GluuFederation.

the class OxAuthCryptoProvider method generateV3Certificate.

public X509Certificate generateV3Certificate(KeyPair keyPair, String issuer, String signatureAlgorithm, Long expirationTime) throws CertIOException, OperatorCreationException, CertificateException {
    PrivateKey privateKey = keyPair.getPrivate();
    PublicKey publicKey = keyPair.getPublic();
    // Signer's name
    X500Name issuerName = new X500Name(issuer);
    // Subject's name - the same as the issuer, since the certificate is self-signed.
    X500Name subjectName = new X500Name(issuer);
    // Serial
    BigInteger serial = new BigInteger(256, new SecureRandom());
    // Not before
    Date notBefore = new Date(System.currentTimeMillis() - 10000);
    Date notAfter = new Date(expirationTime);
    // Create the certificate - version 3
    JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, notBefore, notAfter, subjectName, publicKey);
    ASN1EncodableVector purposes = new ASN1EncodableVector();
    purposes.add(KeyPurposeId.id_kp_serverAuth);
    purposes.add(KeyPurposeId.id_kp_clientAuth);
    purposes.add(KeyPurposeId.anyExtendedKeyUsage);
    ASN1ObjectIdentifier extendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37").intern();
    builder.addExtension(extendedKeyUsage, false, new DERSequence(purposes));
    ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).setProvider("BC").build(privateKey);
    X509CertificateHolder holder = builder.build(signer);
    X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(holder);
    return cert;
}
Also used : PrivateKey(java.security.PrivateKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) PublicKey(java.security.PublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) X500Name(org.bouncycastle.asn1.x500.X500Name) Date(java.util.Date) X509Certificate(java.security.cert.X509Certificate) DERSequence(org.bouncycastle.asn1.DERSequence) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 15 with DERSequence

use of org.gudy.bouncycastle.asn1.DERSequence in project robovm by robovm.

the class CertUtils method generateAttrStructure.

private static AttributeCertificate generateAttrStructure(AttributeCertificateInfo attrInfo, AlgorithmIdentifier sigAlgId, byte[] signature) {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(attrInfo);
    v.add(sigAlgId);
    v.add(new DERBitString(signature));
    return AttributeCertificate.getInstance(new DERSequence(v));
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERBitString(org.bouncycastle.asn1.DERBitString)

Aggregations

DERSequence (org.bouncycastle.asn1.DERSequence): 225
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector): 196
ASN1Integer (org.bouncycastle.asn1.ASN1Integer): 48
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier): 41
DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject): 41
IOException (java.io.IOException): 36
DEROctetString (org.bouncycastle.asn1.DEROctetString): 36
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence): 30
DERUTF8String (org.bouncycastle.asn1.DERUTF8String): 27
BigInteger (java.math.BigInteger): 25
X509Certificate (java.security.cert.X509Certificate): 24
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable): 22
DERBitString (org.bouncycastle.asn1.DERBitString): 19
DERIA5String (org.bouncycastle.asn1.DERIA5String): 19
DERSet (org.bouncycastle.asn1.DERSet): 19
GeneralName (org.bouncycastle.asn1.x509.GeneralName): 17
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString): 16
X500Name (org.bouncycastle.asn1.x500.X500Name): 16
DERInteger (org.bouncycastle.asn1.DERInteger): 14
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier): 14