
Example 1 with OBJECT_IDENTIFIER

use of org.mozilla.jss.asn1.OBJECT_IDENTIFIER in project jss by dogtagpki.

the class SSLClientAuth method makeBasicConstraintsExtension.

/**
 * Builds a critical X.509 BasicConstraints extension that asserts {@code cA = TRUE}.
 *
 * <p>The extension value is the encoding of a SEQUENCE containing only the cA
 * BOOLEAN. No pathLenConstraint INTEGER is added, so a certificate carrying this
 * extension is a CA certificate with no limit on the length of the chain below it.
 * That is a reasonable shape for a throw-away test root, but it is the wrong
 * extension to put on an end-entity certificate.
 *
 * @return the extension, identified by OID 2.5.29.19 and flagged critical
 * @throws Exception if the ASN.1 values cannot be built or encoded
 */
static Extension makeBasicConstraintsExtension() throws Exception {
    // id-ce-basicConstraints; the arc is given in RFC 2459 (current profile: RFC 5280).
    final long[] basicConstraintsArc = { 2, 5, 29, 19 };

    SEQUENCE constraints = new SEQUENCE();
    constraints.addElement(new BOOLEAN(true)); // cA

    OBJECT_IDENTIFIER extensionId = new OBJECT_IDENTIFIER(basicConstraintsArc);
    OCTET_STRING extensionValue = new OCTET_STRING(ASN1Util.encode(constraints));

    // Second argument is the criticality flag.
    return new Extension(extensionId, true, extensionValue);
}
Also used : Extension(org.mozilla.jss.pkix.cert.Extension) OCTET_STRING(org.mozilla.jss.asn1.OCTET_STRING) SEQUENCE(org.mozilla.jss.asn1.SEQUENCE) OBJECT_IDENTIFIER(org.mozilla.jss.asn1.OBJECT_IDENTIFIER) BOOLEAN(org.mozilla.jss.asn1.BOOLEAN)

Example 2 with OBJECT_IDENTIFIER

use of org.mozilla.jss.asn1.OBJECT_IDENTIFIER in project jss by dogtagpki.

the class GenerateTestCert method makeBasicConstraintsExtension.

/**
 * Creates the BasicConstraints extension used for the generated certificate.
 *
 * <p>The value is a SEQUENCE with a single element, {@code cA = TRUE}; no
 * pathLenConstraint is set, so the certificate is marked as a CA without a
 * chain-length limit. The extension is flagged critical.
 *
 * @return a critical extension with OID 2.5.29.19 (id-ce-basicConstraints)
 * @throws Exception if the ASN.1 values cannot be built or encoded
 */
private Extension makeBasicConstraintsExtension() throws Exception {
    SEQUENCE basicConstraints = new SEQUENCE();
    BOOLEAN isCa = new BOOLEAN(true);
    basicConstraints.addElement(isCa);

    // OID arc taken from RFC 2459 (superseded by RFC 5280, same OID).
    OBJECT_IDENTIFIER oid = new OBJECT_IDENTIFIER(new long[] { 2, 5, 29, 19 });

    // The extension value is the encoded SEQUENCE wrapped in an OCTET STRING.
    byte[] encodedConstraints = ASN1Util.encode(basicConstraints);
    return new Extension(oid, true, new OCTET_STRING(encodedConstraints));
}
Also used : Extension(org.mozilla.jss.pkix.cert.Extension) OCTET_STRING(org.mozilla.jss.asn1.OCTET_STRING) SEQUENCE(org.mozilla.jss.asn1.SEQUENCE) OBJECT_IDENTIFIER(org.mozilla.jss.asn1.OBJECT_IDENTIFIER) BOOLEAN(org.mozilla.jss.asn1.BOOLEAN)

Example 3 with OBJECT_IDENTIFIER

use of org.mozilla.jss.asn1.OBJECT_IDENTIFIER in project jss by dogtagpki.

the class KeyFactorySpi1_2 method engineGeneratePublic.

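/**
 * Converts a public key specification into a {@link PublicKey} via {@code PK11PubKey}.
 *
 * <p>Supported specifications:
 * <ul>
 *   <li>{@link RSAPublicKeySpec}: modulus and public exponent are encoded as a
 *       SEQUENCE of two INTEGERs and imported with {@code PK11PubKey.fromRaw}.</li>
 *   <li>{@link DSAPublicKeySpec}: P, Q, G and the public value Y are wrapped in a
 *       SubjectPublicKeyInfo and imported with {@code PK11PubKey.fromSPKI}.</li>
 *   <li>{@link X509EncodedKeySpec}: the encoded bytes are passed to
 *       {@code PK11PubKey.fromSPKI} unchanged.</li>
 * </ul>
 *
 * <p>{@code ECPublicKeySpec} is not handled directly; EC keys have to be supplied
 * as an {@link X509EncodedKeySpec}.
 *
 * <p>This method performs no validation of the key material itself (sizes, ranges,
 * well-formedness of the encoded SPKI). NOTE(review): whatever checking exists is
 * done inside {@code PK11PubKey}, which is not visible here; confirm before
 * relying on it for keys taken from untrusted input.
 *
 * @param keySpec the specification to convert
 * @return the imported public key
 * @throws InvalidKeySpecException if {@code keySpec} is {@code null} or of an
 *         unsupported type
 * @throws RuntimeException if the DSA signature algorithm cannot be mapped to an OID
 */
@Override
protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException {
    if (keySpec == null) {
        // Without this guard the fall-through at the end would call getClass()
        // on null and surface a NullPointerException instead of the declared
        // InvalidKeySpecException.
        throw new InvalidKeySpecException("Unsupported KeySpec type: null");
    }

    if (keySpec instanceof RSAPublicKeySpec) {
        RSAPublicKeySpec spec = (RSAPublicKeySpec) keySpec;
        // Generate a DER RSA public key: SEQUENCE { modulus, publicExponent }
        SEQUENCE seq = new SEQUENCE();
        seq.addElement(new INTEGER(spec.getModulus()));
        seq.addElement(new INTEGER(spec.getPublicExponent()));
        return PK11PubKey.fromRaw(PrivateKey.RSA, ASN1Util.encode(seq));
    }

    if (keySpec instanceof DSAPublicKeySpec) {
        // We need to import both the public value and the PQG parameters.
        // The only way to get all that information in DER is to send
        // a full SubjectPublicKeyInfo. So we encode all the information
        // into an SPKI.
        DSAPublicKeySpec spec = (DSAPublicKeySpec) keySpec;
        SEQUENCE pqg = new SEQUENCE();
        pqg.addElement(new INTEGER(spec.getP()));
        pqg.addElement(new INTEGER(spec.getQ()));
        pqg.addElement(new INTEGER(spec.getG()));

        OBJECT_IDENTIFIER oid;
        try {
            oid = SignatureAlgorithm.DSASignature.toOID();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("No such algorithm: " + e.getMessage(), e);
        }

        AlgorithmIdentifier algID = new AlgorithmIdentifier(oid, pqg);
        // The BIT STRING content is the encoded INTEGER Y, with zero unused bits.
        byte[] encodedPublicValue = ASN1Util.encode(new INTEGER(spec.getY()));
        SubjectPublicKeyInfo spki =
                new SubjectPublicKeyInfo(algID, new BIT_STRING(encodedPublicValue, 0));
        return PK11PubKey.fromSPKI(ASN1Util.encode(spki));
    }

    // There is no ECPublicKeySpec branch: EC public keys are accepted only in
    // their encoded SubjectPublicKeyInfo form through the branch below.
    if (keySpec instanceof X509EncodedKeySpec) {
        // The encoded form is a SubjectPublicKeyInfo; it is forwarded as-is.
        X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec;
        return PK11PubKey.fromSPKI(spec.getEncoded());
    }

    throw new InvalidKeySpecException("Unsupported KeySpec type: " + keySpec.getClass().getName());
}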
Also used : SEQUENCE(org.mozilla.jss.asn1.SEQUENCE) OBJECT_IDENTIFIER(org.mozilla.jss.asn1.OBJECT_IDENTIFIER) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SubjectPublicKeyInfo(org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo) BIT_STRING(org.mozilla.jss.asn1.BIT_STRING) INTEGER(org.mozilla.jss.asn1.INTEGER) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec) AlgorithmIdentifier(org.mozilla.jss.pkix.primitive.AlgorithmIdentifier)

Example 4 with OBJECT_IDENTIFIER

use of org.mozilla.jss.asn1.OBJECT_IDENTIFIER in project jss by dogtagpki.

the class Name method AVAToString.

/**
 * Renders one attribute-value assertion as {@code type=value}.
 *
 * <p>The attribute OID is mapped to a label with {@code typeToString}; when that
 * returns {@code null} the AVA is rendered as an empty string, so the text form
 * can omit attributes that are present in the encoded name. The value is decoded
 * with the {@code DirectoryString} template and appended as-is.
 *
 * <p>NOTE(review): no escaping of the value is visible here, so characters such
 * as {@code ,} or {@code =} inside a value would appear unescaped. Treat the
 * result as display text; confirm that no caller parses it back or compares it
 * to make a trust decision.
 *
 * @param ava the attribute-value assertion to render
 * @return {@code type=value}, or {@code ""} when the attribute type has no label
 * @throws InvalidBERException if the value cannot be decoded
 */
private String AVAToString(AVA ava) throws InvalidBERException {
    String label = typeToString(ava.getOID());
    if (label == null) {
        return "";
    }
    return label + "=" + ava.getValue().decodeWith(DirectoryString.getTemplate());
}
Also used : OBJECT_IDENTIFIER(org.mozilla.jss.asn1.OBJECT_IDENTIFIER) PrintableString(org.mozilla.jss.asn1.PrintableString)

Example 5 with OBJECT_IDENTIFIER

use of org.mozilla.jss.asn1.OBJECT_IDENTIFIER in project jss by dogtagpki.

the class PKCS12Util method getKeyInfos.

/**
 * Collects the encrypted private keys stored in a PFX and adds them to {@code pkcs12}.
 *
 * <p>Every safe-contents sequence in the PFX's authenticated safes is opened with
 * {@code password}. Bags whose type is {@code SafeBag.PKCS8_SHROUDED_KEY_BAG} are
 * converted with {@code getKeyInfo} and added; all other bag types are skipped.
 *
 * <p>The password is passed on to {@code getSafeContentsAt} and {@code getKeyInfo}.
 * This method itself logs only fixed debug strings, never the password or key
 * material.
 *
 * @param pkcs12 destination that receives one key info per shrouded key bag
 * @param pfx the PFX structure to read
 * @param password password used to open the safe contents and the key bags
 * @throws Exception if the safe contents or a key bag cannot be read
 */
public void getKeyInfos(PKCS12 pkcs12, PFX pfx, Password password) throws Exception {
    logger.debug("Load encrypted private keys:");

    AuthenticatedSafes authSafes = pfx.getAuthSafes();
    for (int safeIndex = 0; safeIndex < authSafes.getSize(); safeIndex++) {
        SEQUENCE safeContents = authSafes.getSafeContentsAt(password, safeIndex);

        for (int bagIndex = 0; bagIndex < safeContents.size(); bagIndex++) {
            SafeBag safeBag = (SafeBag) safeContents.elementAt(bagIndex);
            OBJECT_IDENTIFIER bagType = safeBag.getBagType();

            // Only PKCS #8 shrouded key bags hold encrypted private keys.
            if (bagType.equals(SafeBag.PKCS8_SHROUDED_KEY_BAG)) {
                logger.debug(" - Private key:");
                pkcs12.addKeyInfo(getKeyInfo(safeBag, password));
            }
        }
    }
}
Also used : SEQUENCE(org.mozilla.jss.asn1.SEQUENCE) OBJECT_IDENTIFIER(org.mozilla.jss.asn1.OBJECT_IDENTIFIER) SafeBag(org.mozilla.jss.pkcs12.SafeBag) AuthenticatedSafes(org.mozilla.jss.pkcs12.AuthenticatedSafes)

Aggregations

OBJECT_IDENTIFIER (org.mozilla.jss.asn1.OBJECT_IDENTIFIER)14 SEQUENCE (org.mozilla.jss.asn1.SEQUENCE)10 OCTET_STRING (org.mozilla.jss.asn1.OCTET_STRING)8 ByteArrayInputStream (java.io.ByteArrayInputStream)4 SignatureException (java.security.SignatureException)4 ANY (org.mozilla.jss.asn1.ANY)4 SET (org.mozilla.jss.asn1.SET)4 CryptoToken (org.mozilla.jss.crypto.CryptoToken)4 Signature (org.mozilla.jss.crypto.Signature)4 SignatureAlgorithm (org.mozilla.jss.crypto.SignatureAlgorithm)4 ASN1Value (org.mozilla.jss.asn1.ASN1Value)3 InvalidBERException (org.mozilla.jss.asn1.InvalidBERException)3 Extension (org.mozilla.jss.pkix.cert.Extension)3 AlgorithmIdentifier (org.mozilla.jss.pkix.primitive.AlgorithmIdentifier)3 Attribute (org.mozilla.jss.pkix.primitive.Attribute)3 BMPString (org.mozilla.jss.asn1.BMPString)2 BOOLEAN (org.mozilla.jss.asn1.BOOLEAN)2 PrintableString (org.mozilla.jss.asn1.PrintableString)2 AuthenticatedSafes (org.mozilla.jss.pkcs12.AuthenticatedSafes)2 SafeBag (org.mozilla.jss.pkcs12.SafeBag)2