Examples with BIT_STRING org.mozilla.jss.asn1.BIT_STRING used on opensource projects

Search in sources :

Example 1 with BIT_STRING

use of org.mozilla.jss.asn1.BIT_STRING in project jss by dogtagpki.

the class CertReqMsg method verify.

public void verify(CryptoToken token) throws SignatureException, InvalidKeyFormatException, NoSuchAlgorithmException, org.mozilla.jss.NotInitializedException, TokenException, java.security.InvalidKeyException, IOException {
    ProofOfPossession.Type type = pop.getType();
    if (type == ProofOfPossession.SIGNATURE) {
        POPOSigningKey sigkey = pop.getSignature();
        AlgorithmIdentifier alg = sigkey.getAlgorithmIdentifier();
        BIT_STRING sig_from = sigkey.getSignature();
        ByteArrayOutputStream bo = new ByteArrayOutputStream();
        certReq.encode(bo);
        byte[] toBeVerified = bo.toByteArray();
        PublicKey pubkey = null;
        CertTemplate ct = certReq.getCertTemplate();
        if (ct.hasPublicKey()) {
            SubjectPublicKeyInfo spi = ct.getPublicKey();
            pubkey = spi.toPublicKey();
        }
        SignatureAlgorithm sigAlg = SignatureAlgorithm.fromOID(alg.getOID());
        Signature sig = token.getSignatureContext(sigAlg);
        sig.initVerify(pubkey);
        sig.update(toBeVerified);
        if (sig.verify(sig_from.getBits())) {
            // success
            return;
        } else {
            throw new SignatureException("Signed request information does not " + "match signature in POP");
        }
    } else if (type == ProofOfPossession.KEY_ENCIPHERMENT) {
        POPOPrivKey keyEnc = pop.getKeyEncipherment();
        POPOPrivKey.Type ptype = keyEnc.getType();
        if (ptype == POPOPrivKey.THIS_MESSAGE) {
        // BIT_STRING thisMessage = keyEnc.getThisMessage();
        // This should be the same as from the archive control
        // It's verified by DRM.
        } else if (ptype == POPOPrivKey.SUBSEQUENT_MESSAGE) {
            new ChallengeResponseException("requested");
        }
    }
}
Also used : PublicKey(java.security.PublicKey) SignatureAlgorithm(org.mozilla.jss.crypto.SignatureAlgorithm) ByteArrayOutputStream(java.io.ByteArrayOutputStream) SignatureException(java.security.SignatureException) SubjectPublicKeyInfo(org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo) BIT_STRING(org.mozilla.jss.asn1.BIT_STRING) AlgorithmIdentifier(org.mozilla.jss.pkix.primitive.AlgorithmIdentifier) Signature(org.mozilla.jss.crypto.Signature)

Example 2 with BIT_STRING

use of org.mozilla.jss.asn1.BIT_STRING in project jss by dogtagpki.

the class CertTemplate method main.

public static void main(String[] args) {
    try {
        CertTemplate ct = new CertTemplate();
        Name name;
        ct.setVersion(new INTEGER(5));
        ct.setSerialNumber(new INTEGER(13112));
        name = new Name();
        name.addCommonName("You");
        name.addStateOrProvinceName("California");
        ct.setIssuer(name);
        ct.setNotBefore(new Date());
        name = new Name();
        name.addCommonName("Me");
        name.addCountryName("US");
        ct.setSubject(name);
        ct.setIssuerUID(new BIT_STRING(new byte[] { 0x00, 0x01 }, 0));
        System.out.println("Constructed CertTemplate:");
        byte[] encoded = ASN1Util.encode(ct);
        try (FileOutputStream fos = new FileOutputStream("certTemplate")) {
            fos.write(encoded);
        }
        ct.print(System.out, 0);
        CertTemplate newCt = (CertTemplate) ASN1Util.decode(CertTemplate.getTemplate(), encoded);
        System.out.println("\nDecoded CertTemplate:");
        newCt.print(System.out, 0);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Also used : FileOutputStream(java.io.FileOutputStream) Date(java.util.Date) BIT_STRING(org.mozilla.jss.asn1.BIT_STRING) InvalidBERException(org.mozilla.jss.asn1.InvalidBERException) IOException(java.io.IOException) Name(org.mozilla.jss.pkix.primitive.Name) INTEGER(org.mozilla.jss.asn1.INTEGER)

Example 3 with BIT_STRING

use of org.mozilla.jss.asn1.BIT_STRING in project jss by dogtagpki.

the class KeyFactorySpi1_2 method engineGeneratePublic.

@Override
protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException {
    if (keySpec instanceof RSAPublicKeySpec) {
        RSAPublicKeySpec spec = (RSAPublicKeySpec) keySpec;
        // Generate a DER RSA public key
        SEQUENCE seq = new SEQUENCE();
        seq.addElement(new INTEGER(spec.getModulus()));
        seq.addElement(new INTEGER(spec.getPublicExponent()));
        return PK11PubKey.fromRaw(PrivateKey.RSA, ASN1Util.encode(seq));
    } else if (keySpec instanceof DSAPublicKeySpec) {
        // We need to import both the public value and the PQG parameters.
        // The only way to get all that information in DER is to send
        // a full SubjectPublicKeyInfo. So we encode all the information
        // into an SPKI.
        DSAPublicKeySpec spec = (DSAPublicKeySpec) keySpec;
        SEQUENCE pqg = new SEQUENCE();
        pqg.addElement(new INTEGER(spec.getP()));
        pqg.addElement(new INTEGER(spec.getQ()));
        pqg.addElement(new INTEGER(spec.getG()));
        OBJECT_IDENTIFIER oid = null;
        try {
            oid = SignatureAlgorithm.DSASignature.toOID();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("No such algorithm: " + e.getMessage(), e);
        }
        AlgorithmIdentifier algID = new AlgorithmIdentifier(oid, pqg);
        INTEGER publicValue = new INTEGER(spec.getY());
        byte[] encodedPublicValue = ASN1Util.encode(publicValue);
        SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo(algID, new BIT_STRING(encodedPublicValue, 0));
        return PK11PubKey.fromSPKI(ASN1Util.encode(spki));
    // 
    // requires JAVA 1.5
    // 
    // } else if( keySpec instanceof ECPublicKeySpec ) {
    // // We need to import both the public value and the curve.
    // // The only way to get all that information in DER is to send
    // // a full SubjectPublicKeyInfo. So we encode all the information
    // // into an SPKI.
    // 
    // ECPublicKeySpec spec = (ECPublicKeySpec) keySpec;
    // AlgorithmParameters algParams = getInstance("ECParameters");
    // 
    // algParameters.init(spec.getECParameters());
    // OBJECT_IDENTIFIER oid = null;
    // try {
    // oid = SignatureAlgorithm.ECSignature.toOID();
    // } catch(NoSuchAlgorithmException ex ) {
    // Assert.notReached("no such algorithm as DSA?");
    // }
    // AlgorithmIdentifier algID =
    // new AlgorithmIdentifier(oid, ecParams.getParams() );
    // INTEGER publicValueX = new INTEGER(spec.getW().getAffineX());
    // INTEGER publicValueY = new INTEGER(spec.getW().getAffineY());
    // byte[] encodedPublicValue;
    // encodedPublicValue[0] = EC_UNCOMPRESSED_POINT;
    // encodedPublicValue += spec.getW().getAffineX().toByteArray();
    // encodedPublicValue += spec.getW().getAffineY().toByteArray();
    // 
    // byte[] encodedPublicValue = ASN1Util.encode(publicValue);
    // SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo(
    // algID, new BIT_STRING(encodedPublicValue, 0) );
    // 
    // return PK11PubKey.fromSPKI( ASN1Util.encode(spki) );
    // 
    // use the following for EC keys in 1.4.2
    } else if (keySpec instanceof X509EncodedKeySpec) {
        // 
        // SubjectPublicKeyInfo
        // 
        X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec;
        return PK11PubKey.fromSPKI(spec.getEncoded());
    }
    throw new InvalidKeySpecException("Unsupported KeySpec type: " + keySpec.getClass().getName());
}
Also used : SEQUENCE(org.mozilla.jss.asn1.SEQUENCE) OBJECT_IDENTIFIER(org.mozilla.jss.asn1.OBJECT_IDENTIFIER) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SubjectPublicKeyInfo(org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo) BIT_STRING(org.mozilla.jss.asn1.BIT_STRING) INTEGER(org.mozilla.jss.asn1.INTEGER) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec) AlgorithmIdentifier(org.mozilla.jss.pkix.primitive.AlgorithmIdentifier)

Example 4 with BIT_STRING

use of org.mozilla.jss.asn1.BIT_STRING in project jss by dogtagpki.

the class JSSCipherSpi method engineGetKeySize.

@Override
public int engineGetKeySize(Key key) throws InvalidKeyException {
    if (key instanceof PK11PrivKey) {
        return ((PK11PrivKey) key).getStrength();
    } else if (key instanceof PK11PubKey) {
        try {
            byte[] encoded = ((PK11PubKey) key).getEncoded();
            SubjectPublicKeyInfo.Template spkiTemp = new SubjectPublicKeyInfo.Template();
            SubjectPublicKeyInfo spki = (SubjectPublicKeyInfo) ASN1Util.decode(spkiTemp, encoded);
            BIT_STRING pk = spki.getSubjectPublicKey();
            return pk.getBits().length - pk.getPadCount();
        } catch (InvalidBERException e) {
            throw new InvalidKeyException("Exception while decoding " + "public key: " + e.getMessage());
        }
    } else if (key instanceof SecretKeyFacade) {
        SymmetricKey symkey = ((SecretKeyFacade) key).key;
        return symkey.getLength();
    } else {
        key = importKey(key);
        SymmetricKey symkey = ((SecretKeyFacade) key).key;
        return symkey.getLength();
    }
}
Also used : PK11PubKey(org.mozilla.jss.pkcs11.PK11PubKey) InvalidBERException(org.mozilla.jss.asn1.InvalidBERException) SecretKeyFacade(org.mozilla.jss.crypto.SecretKeyFacade) SymmetricKey(org.mozilla.jss.crypto.SymmetricKey) InvalidKeyException(java.security.InvalidKeyException) PK11PrivKey(org.mozilla.jss.pkcs11.PK11PrivKey) SubjectPublicKeyInfo(org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo) BIT_STRING(org.mozilla.jss.asn1.BIT_STRING)

Example 5 with BIT_STRING

use of org.mozilla.jss.asn1.BIT_STRING in project jss by dogtagpki.

the class PKIStatusInfo method encode.

@Override
public void encode(Tag implicitTag, OutputStream ostream) throws IOException {
    SEQUENCE seq = new SEQUENCE();
    seq.addElement(status);
    if (statusString.size() > 0) {
        seq.addElement(statusString);
    }
    if (hasFailInfo) {
        // convert failInfo to BIT_STRING
        byte[] bytes = new byte[2];
        bytes[0] = (byte) ((failInfo & 0xff000000) >>> 24);
        bytes[1] = (byte) ((failInfo & 0x00ff0000) >>> 16);
        // 7 unused bits
        int padCount = 7;
        BIT_STRING bs = new BIT_STRING(bytes, padCount);
        bs.setRemoveTrailingZeroes(true);
        seq.addElement(bs);
    }
    seq.encode(implicitTag, ostream);
}
Also used : SEQUENCE(org.mozilla.jss.asn1.SEQUENCE) BIT_STRING(org.mozilla.jss.asn1.BIT_STRING)

Aggregations

BIT_STRING (org.mozilla.jss.asn1.BIT_STRING)5 SubjectPublicKeyInfo (org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo)3 INTEGER (org.mozilla.jss.asn1.INTEGER)2 InvalidBERException (org.mozilla.jss.asn1.InvalidBERException)2 SEQUENCE (org.mozilla.jss.asn1.SEQUENCE)2 AlgorithmIdentifier (org.mozilla.jss.pkix.primitive.AlgorithmIdentifier)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 FileOutputStream (java.io.FileOutputStream)1 IOException (java.io.IOException)1 InvalidKeyException (java.security.InvalidKeyException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 PublicKey (java.security.PublicKey)1 SignatureException (java.security.SignatureException)1 DSAPublicKeySpec (java.security.spec.DSAPublicKeySpec)1 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1 RSAPublicKeySpec (java.security.spec.RSAPublicKeySpec)1 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)1 Date (java.util.Date)1 OBJECT_IDENTIFIER (org.mozilla.jss.asn1.OBJECT_IDENTIFIER)1 SecretKeyFacade (org.mozilla.jss.crypto.SecretKeyFacade)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial